Advertisement

Cyber insurance too expensive for Medibank

Medibank's value plummeted $1.75 billion when it returned to trading after a massive data breach.

Medibank's value plummeted $1.75 billion when it returned to trading after a massive data breach. Photo: TND

Medibank insists cyber insurance would not have helped it avoid a huge financial hit from the company’s major data breach.

Australia’s biggest private health insurer is looking at a $35 million pre-tax hit to its earnings for the first half of the financial year before any fines or extra compensation it might have to pay.

The company’s share market value plummeted about $1.75 billion on Wednesday in its first day of trading since revealing its customer database was hacked.

The share plunge happened on the same day Medibank disclosed the hackers had access to details for all four million of its customers and an unknown number of former customers.

Chief financial officer Mark Rogers said the company had not taken out cyber insurance because it was too expensive.

“Costs went up significantly over the last couple of years (in terms of) how much cover you can actually get in terms of the total amount of exposure, plus (our) actual ability to make a claim,” he said in an investor briefing.

“Notwithstanding the fact we didn’t have cyber insurance, I wouldn’t have expected, based on the policies we saw over the last couple of years, that the majority of costs … would have even been covered.”

Deputy Prime Minister Richard Marles said he hoped the incident would force other companies to take the threat of hacking more seriously.

“We’re working closely with Medibank to do everything we can to minimise the impact of it, but really this is a wake-up call for corporate Australia and for everyone who holds data,” he told Seven’s Sunrise program.

“We need to be making sure our systems are as robust as possible, and it’s also important for individuals in terms of the way we protect our own data.”

The government has introduced new legislation to parliament to dramatically increase penalties for companies that don’t properly protect sensitive data.

Fines will rise to the greatest of $50 million, 30 per cent of the company’s turnover in the relevant period, or three times the value of any benefit gained from the stolen data.

Existing penalties are capped at $2.2 million.

Meanwhile, NSW Health officials are investigating whether the Medibank data hack had affected the department.

“They’re still examining all of those details,” department secretary Susan Pearce told a NSW budget estimates hearing.

“If it does become known, we will do what we normally do and that is advise people in conjunction with whatever private health is doing. Those details are not yet known.”

– AAP

Advertisement
Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter.
Copyright © 2024 The New Daily.
All rights reserved.