Medibank hit by cyber attack

Which in no way prevents them from informing their affected customers also immediately.

Just playing devil's advocate here. Shareholders were informed via an ASX announcement. Members also have access to that information. It's not like shareholders were sent an email about it.

I do see your point though.
 
But that's the same as Optus..
They've penetrated an internal network and copied a large poorly protected and seemingly non-hashed or salted database.

We must have heard different stories about Optus. In any case, people have access to databases, and to be useful in any way, shape, or form usable, the data needs to be decrypted. Doesn't matter what you do, if people end up with the right access rights.
 

While true, the Medibank attack looks more like someone got onto their internal network.
I play golf in Thailand with a retired IBM engineer.

He has told me on more than one occasion to be careful of your personal data anywhere and be extremely careful of any data on the internet.
 
Just got an email from medibank… how many times do they have to mention the word ‘criminal’ in one message? I made it at least four times and I gave up reading half way through.

Just because you keep repeating that the act was carried out by a ‘criminal’ doesn’t make the situation any better, or garner any sympathy for your company.
 
Just got this email from VA

Dear Jase05

We are contacting you in relation to the cybercrime event recently experienced by Medibank.

Medibank has just advised us that you are one of a small number of Velocity Frequent Flyer members who may have had your Velocity membership number accessed as part of this event.

We are acting swiftly to protect your Velocity account from unauthorised activity and have locked your account as a precautionary measure, while we issue you with a new Velocity membership number.

Keeping your account safe from unauthorised activity is our priority and we apologise for any inconvenience caused.

What impact will this have on me?
This will have no impact on your Velocity Points balance, your ability to travel with Virgin Australia, having your member status recognised (including access to lounges as applicable) or your ability to earn Velocity Points. Your ability to log in to your account and redeem Points will be impacted while your account is locked and we will be in touch as soon as possible to issue you with a new Velocity membership number.

What action do I need to take?
You do not need to take any further action in regards to your account right now.

Your account has been locked and we will be in touch in coming days regarding your new Velocity membership number and how to activate your new account.

If you have any questions, please call us on 13 18 75.

Sincerely,

Velocity Frequent Flyer
 
Fairly impressive response imo, despite any short-term inconvenience it may cause.
 
Thanks Medibank, just got this email.
I guess I’ll have to seek legal advice on how to proceed from here

We’re deeply sorry to inform you that some data relating to your membership has been stolen in the recent cybercrime event.



This email details what specific membership data was stolen, outlines actions you can take to safeguard your online identity, and the services available through our Cyber Response Support Program.



Which of your data has been stolen

Based on our investigation, we can confirm the following data relating to your membership has been stolen:

• first name and surname

• gender

• date of birth

• email (where you have provided it to us)

• address

• phone number (where you have provided it to us)

• policy number

• Live Better activities & rewards data (where this applies to you)



We believe the criminal has not stolen:

• Credit card and banking details
• Your health claims data
• Primary identity documents, such as a driver's licence. Medibank does not collect primary identity documents for Australian resident customers except in exceptional circumstances
• Health claims data for extras services (such as dental, physio, optical and psychology).


Identity protection

The federal government has issued a fact sheet about this cybercrime event and the steps you can take to safeguard your data. You can view it here.



We have engaged IDCARE – Australia's national identity and cyber support community service – to assist all customers who have concerns about the exposure of their data. To access this free service, visit the dedicated page for Medibank and ahm customers.



Extra precautions you can take

We recommend being vigilant with all online communications and transactions, namely:

• Being alert for any phishing scams that may come to you by phone, post or email
• Making sure to verify any communications you receive to ensure they are legitimate
• Being careful when opening or responding to texts from unknown or suspicious numbers
• Regularly updating your passwords with ‘strong’ passwords, not re-using passwords and activating multi-factor authentication on any online accounts, where available.


Medibank will never contact you asking for your password or sensitive information.



Customer data on the dark web

We believe data that was stolen has been released by the criminal on the ‘dark web’. The dark web is a closed online network, often accessed for criminal purposes. We strongly advise all affected customers to take the precautions outlined to safeguard their online identity. We recognise the distress this may cause you and we apologise.



The Australian Federal Police and Operation Guardian

The Australian Federal Police (AFP) have announced it will protect Medibank customers whose personal information has been unlawfully released online by criminals. They have taken immediate measures to identify further criminal activity. The AFP has stated that law enforcement will take swift action against anyone attempting to benefit, exploit or commit criminal offences using stolen Medibank data. You can read more about Operation Guardian here.



If a person contacts you threatening to release your data unless payment is made, please report this immediately to ReportCyber via their website or on 1300 292 371.


To report a scam, please do so via ScamWatch. If there is an imminent threat to your safety, call Triple Zero.



Support for customers

We have established a Cyber Response Support Program to support our current and former customers:

• A cybercrime health & wellbeing line – counsellors who have experience supporting vulnerable people (such as those at risk of domestic violence) and have been trained to support victims of crime and issues related to sensitive health information
• Mental health outreach service – proactive support service for customers identified as being vulnerable, or through referral from our contact centre team
• Better Minds App – new tailored preventative health advice and resources specific to cybercrime and its impact on mental health and wellbeing, including tools for managing anxiety and fear, with additional phone based psychological support available
• Personal duress alarms for customers particularly vulnerable and/or with safety risks
• Hardship support for customers who are in a uniquely vulnerable position as a result of this crime
• Specialist identity protection advice and resources through IDCARE’s purpose-built page for Medibank and ahm customers
• Free identity monitoring services for customers whose primary identity document has been compromised as a result of this crime
• Reimbursement of ID replacement fees for customers who need to replace any identity documents that have been compromised as a result of this crime. Please ensure you keep a copy of the receipt
• Specialised teams to help our customers who receive scam communications or threats in relation to this cybercrime.


For further information on how to access the Cyber Response Support Program and details of our extended contact centre opening hours, please visit medibank.com.au/cybersecurity or call our contact centre team on 132 331.



Reach out for support

If you’re feeling distressed or anxious, please reach out. Along with calling Medibank’s Mental Health Supportline, you can contact your GP or the following support services:

• Beyond Blue (1300 224 636 / beyondblue.org.au)
• Lifeline (13 11 14 / lifeline.org.au)


If there is an imminent threat to your safety, call Triple Zero.



Visit Medibank Cyber Event Updates and Support page: medibank.com.au/cybersecurity

We’ll continue to post the latest information on this page, along with answers to frequently asked questions.



Yours sincerely,

The Medibank Cyber Response Support Team
 
Got a second email today from medibank. The first one last week confirming my details that had been taken… name, address, phone number etc. The one today confirming that data had now been placed on the web.

It still annoys me that they use the word ‘criminal’ as often as they can… as in ‘the criminal’ has done this and ‘the criminal’ has done that.

It’s a hacker. Using the word ‘criminal’ somehow tries to shift the blame from medibank with the inference they are an innocent ‘victim’. The second part to this is that medibank is making it look like they’re the aggrieved party, not us, the customers.

I’m not sure I agree with that. Medibank should have had better systems in place, especially after being on notice with Optus.

Absolutely zero help from medibank. Lots of links to ‘resources’ with fancy names like ‘IDcare’, but in reality all that takes you to is a page that says to change your passwords and be on the lookout for scams. No offer of identity protection and monitoring.

Not happy medibank. Pull your socks up!
 
I agree
I too had my data released and this is the first communication since I was notified two weeks ago
It's nothing more than:
- updates I can read in the paper
- links for support
- the generalised change your passwords statements and vigilance which is basic common knowledge
- regret -> apology -> rinse and repeat

Go to the website and it's the same cough - other than a single line that highlights above

How about
1/ customers will not be charged premiums for next 3 months as a first step (or refund for past members)
2/ Your case number allows you to go to (insert state here) and obtain new drivers license as we have set up arrangements
3/ Taking a $multimillion bonus whilst this happened on your watch is not a good look ie don't take it
4/ We have a team in place to facilitate you transferring to another fund (a process that usually takes ages)
5/ Refunds for members taking out ID dark web monitoring (I took out Nortons)


I joined the class action - something I have never contemplated - to send a message. If anything comes of it I can donate funds to a domestic violence charity I support.

I could go on but what really gets me is the media saying how well MBP have handled this by not paying the ransom and keeping customers informed - really?? Meaningless emails without tangible action is not the same as actively and practically helping customers
It's PR
 
Oh… there was a link to refund me taking out an identity protection service? I must have missed that! Or perhaps it was missing the first time they directed people to that page in the hope people didn’t re-read it the second time thinking nothing had changed?

I’ll go back and have another look!

edited… I see the free monitoring is only if you’ve had your primary ID accessed through the medibank data leak.
 
Is there?
 
Lots of links to ‘resources’ with fancy names like ‘IDcare’, but in reality all that takes you to is a page that says to change your passwords and be on the lookout for scams. No offer of identity protection and monitoring.


Ummmm ... no link to the Class Action page, I gather?
 
