November 7 (Portal) – Medibank Private Ltd (MPL.AX), Australia’s largest health insurer, said on Monday it would not make a ransom payment to the criminal responsible for a recent data theft involving data from around 9 .7 million current and former customers traded compromised.
Highlighting the results of the company’s investigations to date, Medibank confirmed that the data breach accessed the names, dates of birth, addresses, phone numbers and email addresses of approximately 9.7 million current and former customers.
Cybersecurity issues in Australia have been on the rise recently, with a government report suggesting there is an attack every seven minutes.
“Based on the extensive advice we have received from cybercrime experts, we believe there is a limited chance that paying a ransom will ensure the return of our customers’ data and prevent it from being made public,” Medibank said -CEO David Koczkar.
Koczkar added that paying a ransom could encourage the hacker to directly blackmail customers and hurt more people. The insurer reiterated that during the period of the cyber attack, business operations remained normal and customers continued to have access to healthcare services.
Medibank warned its customers to be vigilant as the criminal could leak the details online or attempt to contact customers directly.
Corporate Australia has seen a series of attacks in just the past few weeks, with Singapore Telecommunications’ unit Optus (STEL.SI) breaching up to 10 million customer accounts and Woolworths (WOW.AX) disclosing the data of millions of customers, who used his bargain shopping website had been compromised.
Medibank said it will commission an outside review to learn from the cyberattack while expanding its Cyber Response Support Program.
Reporting from Roushni Nair in Bengaluru; Edited by Daniel Wallis
Our standards: The Trust Principles.