One of Australia's largest private health insurers has suffered a cyberattack just a week after telecommunications giant Optus was spurred into damage control after the data of millions of customers was leaked.
The Medibank Group, which services around 3.9 million customers, revealed on Oct. 13 that a day earlier, it detected unusual activity on its network.
Medibank said the company isolated and removed access to customer-facing systems to reduce the possibility of damage.
The policy management systems for its ahm and international student products were taken offline for most of the day.
"I apologise and acknowledge that in the current environment, this news may make people concerned," said Medibank CEO David Koczkar. "Our highest priority is resolving this matter as transparently and quickly as possible."
The Second Incident in a MonthThe incident comes just a week after Optus suffered the largest data security breach in Australian corporate history, with the identification documents of 2.1 million customers exposed, including 1.2 million driver's license numbers.
The telco also said millions of additional data was stolen, but the information was out of date.
The company said it would conduct an independent review of the cyberattack with auditing firm Deloitte engaged for the task.
“We’re deeply sorry that this has happened, and we recognise the significant concern it has caused many people. While our overwhelming focus remains on protecting our customers and minimising the harm that might come from the theft of their information, we are determined to find out what went wrong," said CEO Kelly Bayer Rosmarin.
Australian Federal Police have also set up a task force to deal with the 10,000 most vulnerable customers who lost sensitive data, including passport numbers.
The Australian government requires companies to use a "100-point check" system to verify customer identities, including passport numbers, driver's licences, and birth certificates.