[ad_1]
An Australian health insurer’s customer data – including diagnoses and treatments – has been seized by a cybercriminal to blackmail the country in its second major privacy breach in a month, officials said.
Trading in Medibank shares on the ASX has been suspended since Wednesday, when police were alerted that the company had contacted a so-called “criminal” looking to negotiate stolen personal data from customers.
Medibank, which has 3.7 million customers, said criminals provided samples of 100 customer policies from allegedly 200 GB of stolen data.
Details include customer name, address, date of birth, national healthcare identification number and telephone number.
Cybersecurity Minister Clare O’Neil said the most concerning was the theft of medical diagnosis and surgical records.
Ms O’Neill told reporters: “Financial crime is a scary thing. But in the end, credit cards can be replaced.
“The threat of providing Australians’ private personal health information to the public here is dog behaviour.”
The Medibank breach, which Ms O’Neill called a “ransomware attack”, came a month after a cyber attack stole the personal data of 9.8 million customers from telecommunications company Optus.
The Optus breach compromised the personal data of more than a third of Australia’s population, prompting the government to propose urgent reforms to privacy laws to increase penalties for companies that fail to protect customer data and limit the amount of data that can be accessed. reserve.
Ms O’Neill said cybercrime was a growing problem worldwide and Australia needed to be better prepared.
“Together with Optus, it’s a huge wake-up call for the country and certainly gives the government a very clear mandate to do something that frankly probably should have been five years ago, but I think it’s still very important, She added, referring to the privacy law reforms the government hopes to pass parliament this year.
Medibank chief executive David Koczkar said his company was working with specialist cybersecurity firms as well as police and government experts to tackle the breach.
“I unreservedly apologise for this crime against our customers, our employees and the wider community,” Mr Koczkar said in a statement.
“I know a lot of people will be disappointed with Medibank and I admit that,” he added.
[ad_2]
Source link