Health insurance giant Medibank Group is the latest Australian company to become the target of a cyber attack.
Last month telecommuncations company Optus was hit by a wide-scale breach which saw more than two million customers affected.
Telstra was also rocked by a data breach which saw the personal details of 30,000 current and former staff leaked.
In a statement released on Thursday, Medibank said it had “detected unusual activity” in its network on Wednesday.
It said there is no evidence however that sensitive customer data had been accessed and that some of its systems have been taken offline.
The company has also requested a trading halt on the Australian Stock Exchange.
“As part of our response to this incident, Medibank will be isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss,” the statement said.
“As a result our ahm and international student policy management systems have been taken offline. We expect these systems to be offline for most of the day.
“This will cause regrettable disruptions for some of our customers.”
Medibank Chief Executive David Koczkar issued an apology and said the insurer’s highest priority is resolving the matter as “transparently and quickly as possible”.
“We will continue to take decisive action to protect Medibank Group customers and our people,” he said.
“We recognise the significant responsibility we have to the people who rely on us to look after their health and wellbeing and whose data we hold.
“We are working around the clock to understand the full nature of the incident, and any additional impact this incident may have on our customers, our people and our broader ecosystem.”
In the wake of the Optus breach, the telco said 2.1 million of its nearly 10 million customers had one form of identification targeted in the attack.
It is believed that 900,000 of them are expired documents.
Optus also revealed upwards of 50,000 Medicare cards and 150,000 passports had been breached.
Following the breach, the major telco has announced financial services company Deloitte will conduct an external review of the attack.
Medibank said there is nothing that customers need to do at this stage but customers can call on 13 23 31 for updates and further information.
Australians fall victim to ANOTHER data breach as Woolworths reveals personal information of 2.2 million online users has been hacked
- Woolworths reveal almost 2.2 million people have been affected in data breach
- Woolworths-owned MyDeal were breached by a ‘compromised user credential’
- MyDeal say names, email and home addresses and phone numbers leaked
- They said all customers who have been compromised will be contacted by email
The data of almost 2.2million Australians has been exposed in a fresh breach after Woolworths-owned MyDeal identified a ‘compromised user credential’ was used to access its systems.
The leak comes just weeks after Optus suffered a breach which compromised data of up to 10 million customers in turn triggering an overhaul of the country’s consumer privacy rules.
Data leaked from MyDeal’s system included names, email addresses, phone numbers, delivery addresses, and some customers date of births.
Woolworths revealed on Friday almost 2.2 million users data was exposed after MyDeal identified that a ‘compromised user credential’ was used to access its systems
Woolworths said in a statement on Friday that MyDeal is in the process of contacting all affected customers by email.
‘MyDeal customers who are not contacted by MyDeal have not had their details accessed in the breach,’ the statement read.
‘Woolworths Group and MyDeal have also commenced engagement with relevant regulatory authorities and government agencies.’
MyDeal said they do not store payment, drivers licence or passport details and no customer account passwords or payment details have been compromised in this breach.
Data leaked from MyDeal’s system included names, email addresses, phone numbers, delivery addresses, and some customers date of births
MyDeal clarified their website and application were not impacted and no other Woolworths group platforms were compromised.
MyDeal CEO, Sean Senvirtne, said: ‘We apologise for the considerable concern that this will cause our affected customers.’
‘We have acted quickly to identify and mitigate unauthorised access and have increased the monitoring of networks,’ he said.
‘We will continue to work with relevant authorities as we investigate the incident and we will keep our customers fully informed of any further updates impacting them.’
Woolworths Group Chief Security Officer, Pieter van der Merwe said Woolworths Group’s cyber security and privacy teams are working collaboratively with MyDeal.
Woolworths announced in May that they would be taking over MyDeal – an online retail company.
At the time of the takeover, Woolworths CEO Brad Banducci said, ‘The addition of MyDeal to Woolworths Group represents a further step towards delivering a more holistic customer experience in food and everyday needs and materially expands our marketplace capabilities, especially in general merchandise.