Update on the Medibank Private Cyber Security Incident

On Wednesday 9 November, Medibank Private advised that a criminal has released files on a dark web forum containing customer data that is believed to have been stolen from Medibank’s systems.

This data includes personal data such as names, addresses, dates of birth, phone numbers, email addresses, Medicare numbers for AHM customers (not expiry dates), in some cases passport numbers for international students (not expiry dates), and some health claims data. 

This remains under investigation by the Australian Federal Police.

It’s important that you:

  • Remain vigilant and monitor all your devices and accounts for unusual activity. Report unusual activity to ReportCyber, IDCARE (1800 595 160), and your bank.
  • Be alert for scams that make reference to Medibank Private. Do not click on links in suspicious emails or messages that reference Medibank Private. Visit ScamWatch for help.

The ACSC has advice on practical ways to protect yourself online. You can follow these simple steps to boost your cyber security:

  • Update your device and turn on automatic updates to ensure you always have the latest security protection.
  • Turn on multi-factor authentication to increase the security of your accounts.
  • Set up and perform regular backups to copy and store critical information.
  • Implement access controls to limit user access to only what is needed on devices.
  • Stay up to date on cyber security threats and trends with ACSC Alert Service.

If you think you may be affected by the Medibank Private cyber security incident, AHM customers should contact 13 42 46 and for Medibank Private customers 13 23 31. Contact Medibank.

If you believe your Medicare card has been exposed, you can replace it at no cost through MyGov.

The following websites can help you protect yourself and stay informed:

<< Go back to the previous page