An investigation into the Medibank data breach has been opened, which could see the health insurer heavily fined.
The Office of the Australian Information Commissioner (OAIC) will be investigating Medibank’s “personal information handling practices”.
“The OAIC’s investigation will focus on whether Medibank took reasonable steps to protect the personal information they held from misuse, interference, loss, unauthorised access, modification or disclosure,” said the OAIC in a statement.
“The investigation will also consider whether Medibank took reasonable steps to implement practices, procedures and systems to ensure compliance with the Australian Privacy Principles (APPs).”
If the OAIC finds that Medibank’s data handling procedures interfered with customer privacy, then the commissioner may impose changes that would prevent the security issue from continuing or future breaches from occurring.
Furthermore, if the investigation finds that this is a serious or repeated breach, Medibank could face penalties of $2.2 million for each violation.
While it won’t affect Medibank, in response to the recent data breaches, the government has just passed a bill that would raise the fine for serious or repeated breaches from $2.2 million to $50 million.
The launch of the investigation comes just after the Medibank hackers seemingly gave up, having posted what is assumed to be the rest of the data.
The hackers claimed to have stolen 200GB worth of data compressed down to 5GB, and the final dump of data contained 5GB of compressed data.
Furthermore, in the post, the hackers stated, “Happy Cyber Security Day!!! Added folder full. Case closed.”
The hackers had demanded a ransom of $15.6 million, which, with support from the government, Medibank refused to pay.