Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services.
Medibank Private Limited is one of Australia's largest private health insurance providers, covering over 3.7 million people and having 4,000 employees.
In a new statement by the company, CEO David Koczkar apologized for the temporary service outage, confirmed they suffered a ransomware attack, and informed customers that normal operations have resumed.
"Our ongoing investigation has found the unusual activity we detected in part of our IT network was consistent with a possible ransomware threat," details the statement.
While Koczkar states that the company suffered a ransomware attack, they claim that no systems were encrypted during the attack. Furthermore, while they continue to investigate the incident, no evidence has been uncovered that customer data has been stolen by the attackers.
The company first detected unusual activity on its network on Wednesday, October 12, and immediately shut down parts of its systems, including customer-facing services, to reduce the chances of data loss.
On Friday, Medibank sent out approximately 2.8 million emails and SMS to notify its customers about the security incident and provide an explanation for the outages.
The notices provided the first assurances about the safety of sensitive private data but underlined that the investigation was still ongoing.
Today's announcement hasn't changed anything on that front, so both customer data and IT system integrity appear unaffected by the cyberattack.
"As a further precaution, we've put in place additional security measures across our network, and we continue to work with external cybersecurity experts and the Australian Government's lead cyber agency, with our forensic investigation continuing," concludes Medibank's statement.
Australia's IT turmoil
Australia has had several high-profile cybersecurity incidents in the past couple of weeks, including:
- Hackers stole the data of 11 million customers of telecommunication provider Optus.
- The exposure of data belonging to employees of Telstra following a third-party breach.
- The leak of a Colombian government database exposing secret agent identities and operation details of the Australian Federal Police (AFP).
In response to these breaches, the Australian government is expected to introduce stricter data protection laws soon. The creation of a cyberattack prevention and response system is also being discussed.
Comments
TsVk! - 1 year ago
One has to wonder how the attack was classified as ransomware if no files were encrypted and no data was stolen.
It's good that they had enough canaries in the mine to know when to shut it down though. So many businesses miss the call to action. Well done Medibank.