Sign Up
..... Connect Australia with the world.
Categories

SMH - Technology

Privacy watchdog sues Medibank over cyber hack
Posted: 2024-06-04 22:42:27
Original link: https://www.smh.com.au/technology/privacy-watchdog-sues-medibank-over-cyber-hack-20240605-p5jjc6.html?ref=rss&utm_medium=rss&utm_source=rss_technology

Australia’s privacy watchdog is suing health insurance giant Medibank following its October 2022 data breach, alleging the company breached the nation’s privacy laws and exposed its customers to a risk of identity theft, extortion and financial crime.

The Office of the Australian Information Commissioner (OAIC) has filed civil proceedings in the Federal Court against Medibank, following the hack that affected nearly 10 million current and past Medibank customers who had their information released on the dark web.

The watchdog alleges Medibank failed to take reasonable steps to protect customers’ personal information from misuse and unauthorised access, in breach of Australia’s Privacy Act.

The watchdog alleges Medibank failed to take reasonable steps to protect customers’ personal information from misuse and unauthorised access, in breach of Australia’s Privacy Act.Credit: Steven Siewert

The watchdog alleges Medibank failed to take reasonable steps to protect customers’ personal information from misuse and unauthorised access, in breach of Australia’s Privacy Act, alleging one contravention of the Act for each of the 9.7 million affected customers.

The company is facing potential penalties of up to $2.22 million for each contravention of section 13G of the Privacy Act, which states “the entity repeatedly does an act, or engages in a practice, that is an interference with the privacy of one or more individuals”.

“The release of personal information on the dark web exposed a large number of Australians to the likelihood of serious harm, including potential emotional distress and the material risk of identity theft, extortion and financial crime,” Australian Information Commissioner Elizabeth Tydd said on Wednesday.

Loading

“We allege Medibank failed to take reasonable steps to protect personal information it held, given its size, resources, the nature and volume of the sensitive and personal information it handled, and the risk of serious harm for an individual in the case of a breach.

“We consider Medibank’s conduct resulted in a serious interference with the privacy of a very large number of individuals.”

In October 2022, criminals accessed basic account details of 9.7 million current and former Medibank customers, as well as the health claim data for about 160,000 Medibank customers, 300,000 customers of its budget arm, ahm, and 20,000 international customers. It was one of the worst cyber breaches ever reported in Australian history.

View More
  • Share
  • 0 Comment(s)
  • Favorite

Read On:

The Plucky Squire's co-creator speaks to the magic behind the story - 2024-09-19 04:26:08
‘Absolute spy novel’: Rigging pagers to explode is no simple attack - 2024-09-18 05:32:24
Instagram locks down teens: How the new feature will work - 2024-09-18 01:35:00
Venture capital fund Rampersand ramps up hunt for next Aussie unicorn - 2024-09-17 19:00:00
‘Parents already have the tools’: Snapchat billionaire pushes back on social media ban - 2024-09-17 18:00:00
New app offers bargain on bakery treats being thrown out - 2024-06-04 09:37:18
Can you save money with BYO storage on laptops and phones? - 2024-06-03 19:00:00
Can Sonos beat Apple AirPods Max with new Bluetooth magic? - 2024-06-03 13:00:00
Civilian deaths from killer drones are this generation’s ‘Oppenheimer moment’ - 2024-06-03 01:30:00
The Melburnians behind one of Silicon Valley’s hottest AI start-ups - 2024-06-02 14:30:00
Report this news
Captcha Challenge
Reload Image
Type in the verification code above