SeatBackForward
Senior Member
- Joined
- Jun 20, 2006
- Posts
- 5,226
- Qantas
- LT Gold
- Oneworld
- Emerald
Which in no way prevents them from informing their affected customers also immediately.It's a legal requirement to keep shareholders informed.
Which in no way prevents them from informing their affected customers also immediately.It's a legal requirement to keep shareholders informed.
Which in no way prevents them from informing their affected customers also immediately.
The email I got from Medibank was only a few hours behind the announcement to the ASX.Which in no way prevents them from informing their affected customers also immediately.
But that's the same as Optus..
They've penetrated an internal network and copied a large poorly protected and seemingly non-hashed or salted database.
I play golf in Thailand with a retired IBM engineer.While true, the Medibank attack looks more like someone got onto their internal network.
Dear Jase05 We are contacting you in relation to the cybercrime event recently experienced by Medibank. Medibank has just advised us that you are one of a small number of Velocity Frequent Flyer members who may have had your Velocity membership number accessed as part of this event. We are acting swiftly to protect your Velocity account from unauthorised activity and have locked your account as a precautionary measure, while we issue you with a new Velocity membership number. Keeping your account safe from unauthorised activity is our priority and we apologise for any inconvenience caused. What impact will this have on me? This will have no impact on your Velocity Points balance, your ability to travel with Virgin Australia, having your member status recognised (including access to lounges as applicable) or your ability to earn Velocity Points. Your ability to log in to your account and redeem Points will be impacted while your account is locked and we will be in touch as soon as possible to issue you with a new Velocity membership number. What action do I need to take? You do not need to take any further action in regards to your account right now. Your account has been locked and we will be in touch in coming days regarding your new Velocity membership number and how to activate your new account. If you have any questions, please call us on 13 18 75. Sincerely, Velocity Frequent Flyer |
Fairly impressive response imo, despite any short-term inconvenience it may cause.Just got this email from VA
Dear Jase05
We are contacting you in relation to the cybercrime event recently experienced by Medibank.
Medibank has just advised us that you are one of a small number of Velocity Frequent Flyer members who may have had your Velocity membership number accessed as part of this event.
We are acting swiftly to protect your Velocity account from unauthorised activity and have locked your account as a precautionary measure, while we issue you with a new Velocity membership number.
Keeping your account safe from unauthorised activity is our priority and we apologise for any inconvenience caused.
What impact will this have on me?
This will have no impact on your Velocity Points balance, your ability to travel with Virgin Australia, having your member status recognised (including access to lounges as applicable) or your ability to earn Velocity Points. Your ability to log in to your account and redeem Points will be impacted while your account is locked and we will be in touch as soon as possible to issue you with a new Velocity membership number.
What action do I need to take?
You do not need to take any further action in regards to your account right now.
Your account has been locked and we will be in touch in coming days regarding your new Velocity membership number and how to activate your new account.
If you have any questions, please call us on 13 18 75.
Sincerely,
Velocity Frequent Flyer
AFF Supporters can remove this and all advertisements
I switched to Medibank when they had the 150k VFF promo. I’d been looking to change providers anyway but the points were a bonusOK so how would Medibank have your VFF number?
• | Credit card and banking details |
• | Your health claims data |
• | Primary identity documents, such as a driver's licence. Medibank does not collect primary identity documents for Australian resident customers except in exceptional circumstances |
• | Health claims data for extras services (such as dental, physio, optical and psychology). |
• | Being alert for any phishing scams that may come to you by phone, post or email |
• | Making sure to verify any communications you receive to ensure they are legitimate |
• | Being careful when opening or responding to texts from unknown or suspicious numbers |
• | Regularly updating your passwords with ‘strong’ passwords, not re-using passwords and activating multi-factor authentication on any online accounts, where available. |
• | A cybercrime health & wellbeing line – counsellors who have experience supporting vulnerable people (such as those at risk of domestic violence) and have been trained to support victims of crime and issues related to sensitive health information |
• | Mental health outreach service – proactive support service for customers identified as being vulnerable, or through referral from our contact centre team |
• | Better Minds App – new tailored preventative health advice and resources specific to cybercrime and its impact on mental health and wellbeing, including tools for managing anxiety and fear, with additional phone based psychological support available |
• | Personal duress alarms for customers particularly vulnerable and/or with safety risks |
• | Hardship support for customers who are in a uniquely vulnerable position as a result of this crime |
• | Specialist identity protection advice and resources through IDCARE’s purpose-built page for Medibank and ahm customers |
• | Free identity monitoring services for customers whose primary identity document has been compromised as a result of this crime |
• | Reimbursement of ID replacement fees for customers who need to replace any identity documents that have been compromised as a result of this crime. Please ensure you keep a copy of the receipt |
• | Specialised teams to help our customers who receive scam communications or threats in relation to this cybercrime. |
• | Beyond Blue (1300 224 636 / beyondblue.org.au) |
• | Lifeline (13 11 14 / lifeline.org.au) |
I agreeGot a second email today from medibank. The first one last week confirming my details that had been taken… name, address, phone number etc. The one today confirming that data had now been placed on the web.
It still annoys me that they use the word ‘criminal’ as often as they can… as in ‘the criminal’ has done this and ‘the criminal’ has done that.
It’s a hacker. Using the word ‘criminal’ somehow tries to shift the blame from medibank with the inference they are an innocent ‘victim’. The second part to this is that medibank it making look like they’re the aggrieved party, not us, the customers.
I’m not sure I agree with that. Medibank should have had better systems in place, especially after being on notice with Optus.
Absolutely zero help from medibank. Lots of links to ‘resources’ with fancy names like ‘IDcare’, but unreality all that takes you to is a page that says to change you passwords and be on the lookout for scams. No offer of identity protection and monitoring.
Not happy medibank. Pull you socks up!
Is there?Oh… there was a link to refund me taking out an identity protection service? I must have missed that! Or perhaps it was missing the first time they directed people to that page in the hope people didn’t re-read it the second time thinking nothing had changed?
I’ll go back and have another look!
Only if your primary ID has been compromised. They give the example of a passport… but I guess that means driver licence or medicare card too.Is there?
Lots of links to ‘resources’ with fancy names like ‘IDcare’, but unreality all that takes you to is a page that says to change you passwords and be on the lookout for scams. No offer of identity protection and monitoring.