Medibank said a file containing names and contact details of staff members had been compromised after its property manager faced a cyber security breach.
The incident comes at a time when Medibank is dealing with the fallout of a cyber incident it faced in October, where data of about 9.7 million of its current and former customers was compromised.
It is currently facing three class action lawsuits in relation to that breach, and is also under investigation by the country’s privacy regulator on its handling of personal information.
Medibank in an email told Reuters that one of its property managers that uses file transfer software MOVEit was compromised, and a file containing its employee names, email addresses and phone numbers was stolen.
The company added that the file did not have employee bank details, payroll, or home addresses.
“We continue to investigate and work closely with the vendor, and at this stage we are not aware of any of our customers’ data being compromised,” Medibank said.
“Medibank systems have not been impacted by the MOVEit cyberattack.”
Over the past 10 months, Australia has been roiled by a raft of cyber attacks, prompting regulators to investigate company practices of handling personal information and plan an overhaul of the country’s cyber security rules.
About Author
