Advertisement

Medicare numbers, addresses stolen in Medibank attack

The Medibank data hack is a wake-up call for businesses, the federal government says.

The Medibank data hack is a wake-up call for businesses, the federal government says. Photo: AAP

Medibank has admitted customers’ personal data – including names, addresses, Medicare numbers and phone numbers – has been stolen in a cyber attack.

The country’s biggest private health insurer said on Wednesday revealed it had received messages from the alleged hackers claiming they had removed customer data, less than a week after it was hit by a cyber attack.

The alleged hacker said they had 200 gigabytes of stolen data – including names, addresses, dates of births and Medicare and phone numbers – along with locations of where customers got medical treatment and other information about diagnoses and procedures.

An investigation has been launched, with federal government agencies working alongside Medibank.

Exactly how many customers have been affected by the hack, which also affects Medibank’s budget arm ahm, is not yet known. Customers were being contacted from Thursday morning, with the number involved expected to grow.

On Thursday afternoon, Home Affairs Minister Clare O’Neil said the hack was a “dog act”.

“Financial crime is a terrible thing, but ultimately, a credit card can be replaced,” she said.

“The threat that is being made here, to make the private, personal health information of Australians made avaliable to the public is a dog act.”

Earlier on Thursday, chief executive David Koczkar unreservedly apologised to everyone affected.

“I know many will be disappointed with Medibank and I acknowledge that disappointment,” he said.

“We will learn from this incident and will share our learnings with others … Medibank will remain open and transparent and will continue to provide comprehensive update as often as we can and need to.”

The Medibank hack, following the recent widespread data breach at telecommunications company Optus, is a wake-up call for business.

Ms O’Neil said the situation was concerning and that agencies were working to stop the data from being released on the internet.

“This is the new world that we live in. We are going to be under relentless cyber attacks essentially from here on in,” Ms O’Neil told ABC Radio on Thursday.

“We need to do a lot better as a country to make sure that we are doing everything we can within organisations to protect customer data and also for citizens to be doing everything they can.”

Ms O’Neil said it was too early to tell how many customers had been affected by the Medibank hack after speaking with the insurer’s CEO.

“The reason that I am so concerned about this … is because, of course, of the sensitive nature of the information involved,” Ms O’Neil said.

“What we have here is information that’s held by this organisation, which is healthcare information, and that just on its own being made public can cause immense harm to Australians.”

The Australian Securities Exchange-listed Medibank went into a trading halt after it was contacted by the alleged hackers.

– with AAP

Advertisement
Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter.
Copyright © 2025 The New Daily.
All rights reserved.