Add Category
The federal government has activated emergency provisions to marshal all relevant agencies and departments behind its response to the Medibank cyberattack, in a sign of its growing concern about the escalating incident which may have affected up to 4 million Australians.
The move to activate the national coordination mechanism (NCM), a framework set up during the COVID-19 pandemic, comes after Medibank on Tuesday admitted hackers may have obtained the private medical records of customers of its flagship brand. The company had previously insisted that only its smaller, budget brand ahm and international student customers were affected. “This is a distressing development and Medibank unreservedly apologises to our customers,” it said in a statement to the ASX confirming the widening scale of the attack.
The opposition has called on Cybersecurity Minister Clare O’Neil (bottom right), to reveal what information the government had from Medibank under chief executive David Koczkar (top right).Credit:Louis Trerise, Louise Kennerley, Arsineh Houspian
Home Affairs Minister Clare O’Neil told parliament on Tuesday that she had activated the NCM which means all the necessary Commonwealth agencies and departments have been corralled to deal with the attack. These include the Australian Federal Police, Australian Signals Directorate, Australian Cyber Security Centre, Department of Home Affairs, Services Australia and the Department of Health.
“What we can see is Medibank is just as complex and urgent as some of what was dealt with [during the pandemic],” O’Neil said on Tuesday. “When it comes to the personal health information of Australians, the damage here is potentially irreparable”.
The stolen data is from current and former customers and includes names, addresses, birthdates, Medicare numbers, contact information and claims data from the private health insurer. The list of Medibank customers affected potentially includes high-profile Australians.
“Australians who are struggling with mental health conditions, drug and alcohol addiction, with diseases that carry some shame or embarrassment – they are entitled to keep that information private and confidential,” O’Neil said in parliament.
Senator James Paterson, the shadow minister for cybersecurity, criticised the government for a slow response to the attacks and said that despite the company’s initial denials customers’ worst fears have now been realised.
“After a slow and confused response to the Optus cyberattack, it is concerning that it took Cybersecurity Minister Clare O’Neil a week to publicly respond to the Medibank hack,” he said.