Medibank says that ongoing investigations have yet to show any evidence that customer data was compromised as a result of the apparent ransomware attack.Credit:Louise Kennerley
The health insurer said compromised credentials were used to access its systems on Wednesday,but its ongoing investigations “continue to show there remains no evidence customer data has been removed from its IT environment,after it detected unusual activity last week in part of its IT network.”
Koczkar later clarified that there was no indication customer data had been accessed either.
“At this stage,we have no evidence that there was any access to customer data,but that is subject to our continuing forensic analysis,” he said.
The company said its systems were not encrypted by ransomware during this incident and there is no indication that the incident was caused by a state-based threat/actor.
Loading
“Medibank has contained the ransomware threat but remains vigilant and will take necessary steps in the future to protect its operations and its customers’ data,” it said.
Medibank temporarily blocked access to the ahm and international student customer policy management systems while the activity was investigated,but normal activity resumed on Friday.