Medibank Group has removed access to a few customer-facing systems following detection of “unusual activity” on its network a day ago.
In a statement, Medibank confirmed that there had been no evidence that any customer data had been compromised so far, after consulting with specialised cyber security firms. However, the ahm and international student policy management systems have since been taken offline – and will likely remain offline for the rest of the day – in order to contain the incident.
Although ahm and international student customers can contact support via phone, Medibank said the staff “won’t be able to access policy information.” In the meantime, Medibank promised to provide customers with regular updates on the investigation.
Medibank’s health services will also continue to be available to customers, including the ability to access health providers.
David Koczkar, chief executive officer of Medibank, said the insurer’s highest priority is to resolve the matter as quickly and transparently as possible.
“I apologise and acknowledge that in the current environment this news may make people concerned. We recognise the significant responsibility we have to the people who rely on us to look after their health and wellbeing and whose data we hold,” Koczkar said. “We are working around the clock to understand the full nature of the incident, and any additional impact this incident may have on our customers, our people and our broader ecosystem.”
The cyber incident comes only weeks after Optus experienced a major breach that exposed the personal data of nearly 10 million customers.