Medibank confirms stolen data from ransomware attack

Major Australian health insurance provider Medibank has announced customer data has been compromised as a result of a ransomware attack it experienced last week, as indicated by the sample of 100 stolen records shared by attackers to the insurer, reports The Record, a news site by cybersecurity firm Recorded Future. After initially reporting that its systems have not been encrypted by threat actors, Medibank disclosed that the shared data sample had been retrieved from its "ahm and international student systems," with the stolen data including names, birthdates, addresses, phone numbers, Medicare numbers, and policy numbers, as well as other claims information. However, Medibank is still in the process of verifying hackers' claims of stealing 200GB of data, including credit card security information. "We expect the number of affected customers to grow as the incident continues. Medibank will never contact customers requesting passwords or other sensitive information," said Medibank Senior Executive for External Affairs Emily Ritchie.