Resolve ITResolve IT Logo

Medibank Cyber Attack Exposes Sensitive Customer Data

Medibank, Australia's largest healthcare provider, recently revealed that its customers' data was compromised in a cyber attack. The attack was wider than previously thought, as data from the company's main brand, as well as AHM and international student customers, were affected. The cyber security Research Centre's CEO, Rachel Falk, explains the evolving issue, the potential impact on customers, and how criminals could exploit the stolen information.

The Evolving Issue

Medibank has confirmed that customer data was stolen and is currently verifying the information provided by the criminals. The company is assessing what else has been stolen, and the issue is evolving. Medibank stated that the attack was distressing, and they are taking all necessary steps to contain the breach and protect their customers.

Potential Impact on Customers

The stolen data includes some of the most private information about customers. Criminals can use this information to re-victimize customers, exploiting them for further financial gain. They could send phishing emails purporting to be from Medibank, asking for password updates, credit card details, or other sensitive information. They could also send texts or make phone calls to customers.

How Criminals Could Exploit Stolen Information

Re-victimisation is the main concern here, rather than the information being used to buy things on credit cards. If criminals have accessed credit card details, they could misuse them, although it is unclear whether the details were encrypted. Criminals are often quite innovative in their methods of re-victimisation, and they could use the stolen data to send follow-up emails or texts regarding medical treatments or payments.

Protecting Yourself

Medibank has said that they will only communicate with customers via official channels, and customers should be careful of emails, texts, or phone calls that seem suspicious. They should delete any emails that look dodgy and be alert for strange messages asking about recent medical treatments or payments. Customers should not enter their personal information unless they are sure it is from an official source.


Cyber attacks are becoming increasingly common, and they can have severe consequences. Companies and individuals should take all necessary precautions to protect themselves from these attacks. This includes using strong passwords, regularly updating software, and being cautious about clicking on suspicious links or opening suspicious attachments. By taking these steps, we can reduce the risk of falling victim to cybercrime.


I build things