Share this article on:
Medibank has announced that it will be closing up shop for the weekend as it completely revamps its cyber security practices following the major data breach it suffered back in October.
The leading health insurer’s IT systems will be going offline from 8:30pm AEDT starting Friday, 9 December until Sunday, 11 December “at the latest”. Brick and mortar retail stores and the customer contact centre will also be closed on 10 December.
During this time, customers will not have access to services from Medibank or budget brand ahm, with the website and app being down. HICAPS (Health Industry Claims and Payments Service) will also be unavailable.
“While there has been no further suspicious activity detected inside our systems since 12 October 2022, as part of the next stage of our work, we are undertaking maintenance across some of our systems to further strengthen security,” the company said in a media release.
The upgrade comes as part of the company’s “Operation Safeguard”, which will see the insurer work with IT security experts from Microsoft to upgrade their security systems.
“Given the complexity of the maintenance activities and the requirement to take our systems offline, this operation has been in the planning stages for several weeks,” the insurer added.
Since the hack, Medibank has so far added two-factor authentication to its contact centres, “bolstered existing monitoring, added further detection and forensics capability across the Medibank system and network and have scaled up analytical support via specialist third parties”.
The health insurer has also stated that it is continuing to analyse the data leaked by the bad actors responsible for the breach, and has confirmed that at this stage, the number of affected customers has not changed.
The Medibank breach, alongside the prior Optus hack, has been a wake-up call for Australian businesses and the government, who have since moved to quickly bolster the nation’s cyber security practices.
The Office of the Australian Information Commissioner is currently investigating the Medibank breach, which could see the insurer fined $2.2 million if findings reveal that it did not take the necessary steps to secure customer data.
The federal government has just passed legislation that means companies who suffer “repeated” or “serious” breaches going forward could face fines of $50 million. A cyber task force designed to “hack the hackers” has also been established.