Oct. 26 (UPI) — One of Australia’s largest health insurers said on Wednesday that the criminal hack into its database appears to be worse than originally thought.
On Wednesday, Medibank officials said they learned during an investigation that hackers had access to all 3.9 million customers’ personal data and significant amounts of health claims data, all international student customers’ personal data and significant amounts of health claims data and Medibank customers’ personal data and significant amounts of health claims data.
“As previously advised, we have evidence that the criminal has removed some of this data and it is now likely that the criminal has stolen further personal and health claims data,” Medibank said in a statement.
“As a result, we expect that the number of affected customers could grow substantially. Our priority is to continue working to understand the specific data that has been taken for each of our customers so that we can contact them directly to let them know.”
Medibank initially announced on Oct. 20 that hackers broke into its cloud-based data network and absconded with 200 gigabytes of customer data, which may include credit card numbers, home addresses, Medicare account numbers, and the private details of diagnoses and medical procedures.
Medibank said it is offering financial support to customers, free identity monitoring services for customers, and reimbursement of fees for the re-issue of identity documents that have been fully compromised.
Medibank said the hack will probably cost the company at least $25 million to fix. It said that cost does not include customer compensation or legal costs that may be brought against them.
