Law
firm
Baker
&
McKenzie
has
filed
a
class
action
in
the
Federal
Court
against
Medibank,
over
its
2022
data
breach.
Medibank
disclosed
the
action
in
a
statement
to
the
Australian
Securities
Exchange on
Tuesday
night.
Medibank
said
it
understands
the
class
action
is
being
funded
by
Omni
Bridgeway.
“The
statement
of
claim
includes
allegations
of
breach
of
contract,
contraventions
of
the
Australian
Consumer
Law,
and
breach
of
equitable
obligations
of
confidence,”
Medibank
said.
The
health
insurer
added
that
it
will
defend
the
proceedings.
Medibank
was
breached
in
October
2022,
and
in
November,
stated
that
it
would
not
pay
the
ransom
demanded
by
the
attackers.
The
attackers
responded
with
several
data
dumps,
the
last
of
which
was
made
public
in
December.
On
November
7,
Medibank
published
a
granular
analysis
detailing
that
the
names,
dates
of
birth,
addresses,
phone
numbers,
and
email
addresses
of
9.7
million
policy-holders
had
been
stolen,
including
5.1
million
Medibank
customers,
2.8
million
customers
of
Medibank-owned
subsidiary
AHM
and
1.8
million
international
customers.
Around
160,000
Medibank
customers,
300,000
ahm
customers,
and
20,000
international
customers
also
had
their
health
claims
data,
including
provider
name
and
location,
and
procedure
and
diagnostic
claim
codes,
exposed.
The
Baker
&
McKenzie
action
is
not
related
to
an
action
announced
in
January
and
backed
by
Maurice
Blackburn,
Centennial
Lawyers,
and
Bannister
Law
Class
Actions.
A
spokesperson
for
Maruice
Blackburn
told
iTnews
the
team
decided
not
to
proceed
with
a
class
action
at
this
stage.
Instead,
they
have
filed
what’s
known
as
a
“representative
complaint”
with
the
Office
of
the
Australian
Information
Commissioner,
which
if
successful
could
result
in
the
OAIC
using
its
powers
to
order
compensation
to
victims
of
the
data
breach.
About Author
