Medibank hack much worse than first reported

“It has become clear that the criminal has taken data that now includes Medibank customer data, in addition to that of (health insurance business) ahm and international student customers,” the company said in a statement today.

Australia’s largest private health insurance company said its update was “a distressing development”, after initially assuring the federal government that no sensitive personal information was taken during the cyber hack, first detected on October 12.

It has emerged as much as 200 gigabytes of data was stolen from its servers, including highly sensitive medical details and diagnoses of customers.

Today, the insurer said the hackers had shared another 1000 ahm customer files, adding to the 100 customers it confirmed last Thursday.

Medibank said it was “too soon” to know the full extent of customer data stolen, the total number of victims or specifically what information was taken.

“As we continue to investigate the scale of this cybercrime, we expect the number of affected customers to grow as this unfolds.”

Read Related Also: Carnival Cruises reintroduces masks for passengers onboard

Medibank boss David Koczkar apologised “unreservedly” and said the insurer is working with the government and AFP in their investigation.

“This is a malicious attack that has been committed by criminals with a view of causing maximum fear and damage, especially to the most vulnerable members of our community.”

In the aftermath of the attack, Medibank is suspending premium increases, initially planned for this month, until next year.

Medibank is the latest high-profile Australian business to be hit by hackers in a major breach.

More to come.