Hackers up stakes in data theft
CUSTOMERS of health insurance giant Medibank may have credit card security details stolen, the company’s chief executive has confirmed in a dramatic escalation of the hackers’ demands.
In a letter to customers, Medibank chief executive David Koczkar said he apologised “unreservedly,” and said the hackers had claimed to have stolen data relating to credit card security, a claim yet to be confirmed by the company’s own investigation.
“Our team are continuing to work around the clock to understand what additional customer data has been affected and how this will impact them,” Mr Koczkar said in the letter.
“We expect the number of affected customers to grow as the incident continues.”
It comes after Medibank, which has more than 3.9 million customers, revealed customers may have had deeply personal information like abortion and mental health history hacked by criminals in a major cyber security breach last week. The stolen data includes codes for medical conditions they have been diagnosed with including their sexual health, serious diagnoses such as cancer, whether a woman has undergone a termination, and whether a person has been treated for a mental health condition or substance abuse.
Medibank entered a voluntary suspension of ASX trade amid uncertainty over the financial fallout of the hack.
It has been a nightmare month for Australian companies with the likes of telco’s Optus and Telstra and online retailer Mydeal all reporting significant customer data breaches. While initially playing down the impact of the attack, the company confirmed it had been contacted by the criminals who claim to have stolen 200GB of data.
“The criminal has provided a sample of records for 100 policies which we believe has come from our ahm and international student systems,” the company said.