The ransomware attack that caused last week’s cyberattack and outage of online services has been confirmed by health insurance company Medibank.
One of Australia’s major private health insurance companies, Medibank Private Limited insures more than 3.7 million individuals and employs 4,000 people.
The company’s CEO David Koczkar issued an updated statement in which he expressed regret for the brief service interruption. It acknowledged that a ransomware assault had occurred, and notified consumers that business as usual had been resumed.
The statement explains, “Our ongoing investigation has determined the strange activity we saw in a portion of our IT network was consistent with a probable ransomware threat.
Koczkar claims that although the business was the victim of a ransomware attack, no systems were encrypted. Additionally, even though they are still looking into the situation, there is no proof that the attackers stole any client data.
On Wednesday, October 12, the company discovered suspicious activity on its network and quickly shut down some of its systems. They include those geared toward customers, to minimize the possibility of data loss.
About 2.8 million emails and SMS were sent out by Medibank on Friday to inform its clients of the security breach and to explain the reasons behind the outages.
The warnings emphasized that the investigation was still ongoing while offering the initial guarantees about the security of private information.
The announcement made today hasn’t altered anything in that regard, therefore the integrity of IT systems. And consumer data doesn’t appear to have been impacted by the cyberattack.
The statement from Medibank concludes, “As an additional measure of precaution, we’ve implemented additional security measures across our network. Then continued to work with external cybersecurity experts and the Australian Government’s lead cyber agency, with our forensic investigation continuing.
Australia’s IT turmoil
In the previous several weeks, there have been a number of high-profile cybersecurity incidents in Australia, including:
11 million subscribers of the telecommunications company Optus had their data stolen by hackers.
The disclosure of employee data belonging to Telstra as a result of a third-party breach.
The disclosure of the Australian Federal Police’s secret agent identities and operations information due to the leak of a Colombian government database (AFP).
The Australian government is anticipated to shortly enact tighter data protection regulations in reaction to recent breaches. It is also being explored to develop a mechanism for preventing and responding to cyberattacks.