Global site navigation

Australia admits cyber defences 'inadequate' as medical hack hits millions
World

Australia admits cyber defences 'inadequate' as medical hack hits millions

by  AFP 2 min read
Hackers have accessed millions of medical records at Medibank, one of Australia's largest private insurers
Hackers have accessed millions of medical records at Medibank, one of Australia's largest private insurers. Photo: SAEED KHAN / AFP/File
Source: AFP

PAY ATTENTION: Click “See First” under the “Following” tab to see Briefly News on your News Feed!

Hackers accessed millions of medical records at one of Australia's largest private health insurers, the company said Wednesday, prompting the government to admit the nation's cyber safeguards were "inadequate".

This was the latest in a series of hacks targeting millions of people that have brought Australian companies' lax approach to cyber security into sharp relief.

Medibank chief executive David Koczkar said information about each of the company's 3.9 million policy holders -- some 15 percent of Australia's population -- had been compromised.

"Our investigation has now established that this criminal has accessed all our private health insurance customers' personal data and significant amounts of their health claims data," he said in a statement to the Australian stock exchange.

"This is a terrible crime. This is a crime designed to cause maximum harm to the most vulnerable members of our community."

Read also

Saudi blasts release of oil reserves 'to manipulate markets'

The cyber attack was revealed last week, but it was not known until now how many people were impacted.

PAY ATTENTION: Follow Briefly News on Twitter and never miss the hottest topics! Find us at @brieflyza!

The hackers have previously threatened to leak the data, starting with 1,000 famous Australians, unless Medibank pays a ransom.

Medibank on Wednesday also confirmed it was not insured against cyber attacks, estimating the hack could cost the company as much as Au$35 million (US$22 million).

The Medibank hack followed an attack on telecom company Optus last month that exposed the personal information of some nine million Australians -- almost a third of the population.

The Optus attack was one of the largest data breaches in Australian history.

'Inadequate'

Australia's Attorney-General Mark Dreyfus has previously accused companies of stockpiling sensitive customer data they did not need.

Firms currently face paltry fines -- Au$2.2 million -- for failing to protect customer data.

Read also

Rebuilding Ukraine a 'generational task' that begins now: Scholz

Dreyfus last week said these fines would be ratcheted up to Au$50 million.

"Unfortunately, significant privacy breaches in recent weeks have shown existing safeguards are inadequate," he said.

"It's not enough for a penalty for a major data breach to be seen as the cost of doing business."

Home Affairs Minister Clare O'Neil on Tuesday said the fallout from the Medibank hack was "potentially irreparable".

"One of the reasons why the government is so worried about this is because of the nature of the data," she told Australia's parliament.

"When it comes to the personal health information of Australians, the damage here is potentially irreparable."

O'Neil has previously described hacking as a "dog act" -- an Australian phrase reserved for something especially shameful or despicable.

PAY ATTENTION: Сheck out news that is picked exactly for YOU ➡️ find the “Recommended for you” block on the home page and enjoy!

Source: AFP

Authors:
AFP avatar

AFP AFP text, photo, graphic, audio or video material shall not be published, broadcast, rewritten for broadcast or publication or redistributed directly or indirectly in any medium. AFP news material may not be stored in whole or in part in a computer or otherwise except for personal and non-commercial use. AFP will not be held liable for any delays, inaccuracies, errors or omissions in any AFP news material or in transmission or delivery of all or any part thereof or for any damages whatsoever. As a newswire service, AFP does not obtain releases from subjects, individuals, groups or entities contained in its photographs, videos, graphics or quoted in its texts. Further, no clearance is obtained from the owners of any trademarks or copyrighted materials whose marks and materials are included in AFP material. Therefore you will be solely responsible for obtaining any and all necessary releases from whatever individuals and/or entities necessary for any uses of AFP material.

Hot: