Medibank

Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services.

Medibank Private Limited is one of Australia's largest private health insurance providers, covering over 3.7 million people and having 4,000 employees.

In a new statement by the company, CEO David Koczkar apologized for the temporary service outage, confirmed they suffered a ransomware attack, and informed customers that normal operations have resumed.

"Our ongoing investigation has found the unusual activity we detected in part of our IT network was consistent with a possible ransomware threat," details the statement.

While Koczkar states that the company suffered a ransomware attack, they claim that no systems were encrypted during the attack. Furthermore, while they continue to investigate the incident, no evidence has been uncovered that customer data has been stolen by the attackers.

The company first detected unusual activity on its network on Wednesday, October 12, and immediately shut down parts of its systems, including customer-facing services, to reduce the chances of data loss.

On Friday, Medibank sent out approximately 2.8 million emails and SMS to notify its customers about the security incident and provide an explanation for the outages.

Notice sent to Medibank customers
Notice sent to Medibank customers

The notices provided the first assurances about the safety of sensitive private data but underlined that the investigation was still ongoing.

Today's announcement hasn't changed anything on that front, so both customer data and IT system integrity appear unaffected by the cyberattack.

"As a further precaution, we've put in place additional security measures across our network, and we continue to work with external cybersecurity experts and the Australian Government's lead cyber agency, with our forensic investigation continuing," concludes Medibank's statement.

Australia's IT turmoil

Australia has had several high-profile cybersecurity incidents in the past couple of weeks, including:

In response to these breaches, the Australian government is expected to introduce stricter data protection laws soon. The creation of a cyberattack prevention and response system is also being discussed.

Related Articles:

BlackSuit ransomware gang claims attack on KADOKAWA corporation

CDK Global outage caused by BlackSuit ransomware attack

Change Healthcare lists the medical data stolen in ransomware attack

Panera Bread likely paid a ransom in March ransomware attack

Keytronic confirms data breach after ransomware gang leaks stolen files