Thursday, September 19, 2024
Latest:
Medibank faces legal action following a cyber attack from Russia that compromised the data of 9.7 million Australians

Medibank faces legal action following a cyber attack from Russia that compromised the data of 9.7 million Australians.

Medibank is facing legal action after the personal details of 9.7 million Australians were stolen in a cyber attack.

Australia’s information watchdog is suing Medibank over a massive data breach in October 2022, which exposed sensitive information including names, dates of birth, and Medicare numbers. Much of this data was subsequently leaked online.

The Australian Information Commissioner announced on Wednesday that it had initiated civil penalty proceedings against Medibank. The Commissioner alleged that Medibank had not taken adequate measures to protect the personal information it held, despite the risks involved.

According to acting Commissioner Elizabeth Tydd, the exposure of this information on the dark web posed significant risks to affected individuals, including potential emotional distress, identity theft, and financial crimes.

The legal action follows an investigation into the breach, which affected both current and former Medibank members, as well as its subsidiary AHM.

Under Australian privacy laws, organizations like Medibank are required to implement reasonable measures to safeguard personal information from unauthorized access. The Office of the Australian Information Commissioner (OAIC) can seek penalties from the Federal Court for serious breaches of privacy.

If found liable, Medibank could face substantial civil penalties, potentially up to $2.2 million for each instance of non-compliance. This penalty amount would be determined by the court.

In response to the breach, sanctions were imposed against Aleksandr Ermakov, a Russian individual allegedly involved in the cyber attack. These sanctions marked the first application of Australia’s cyber security legislation enacted in 2021.

Medibank, a major player in Australia’s health insurance sector with significant financial turnover, has been under scrutiny for its handling of this security incident and its compliance with privacy protections.

Leave a Reply

Your email address will not be published. Required fields are marked *