Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident.
The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was “consistent with the precursors to a ransomware event,” prompting it to isolate its systems, but not before the attackers exfiltrated the data.
“This figure represents around 5.1 million Medibank customers, around 2.8 million ahm customers, and around 1.8 million international customers,” the Melbourne-based firm noted.
Compromised details include names, dates of birth, addresses, phone numbers, and email addresses, as well as Medicare numbers (but not expiry dates) for ahm customers, and passport numbers (but not expiry dates) and visa details for international student customers.
It further said the incident resulted in the theft of health claims data for about 160,000 Medibank…