Angry Medibank and ahm customers are gearing up for a major lawsuit as a possible class action lawsuit against the health insurance giants looms.
Last month, Medibank – one of the country’s largest private health insurers – announced that it had been hit by a “cyber incident”.
Since then, it has emerged that the personal information of nearly 10 million Australians has been breached after the credentials of an employee with high-level access to Medibank systems were obtained and sold to hackers on a Russian cybercriminal forum.
The group has been posting highly sensitive customer data on a dark webblog linked to Russian ransomware group REVil since last week, including information about people’s mental health status, drug and alcohol use, and previous abortions resulting in non-viable pregnancies such as fetal abnormality, ectopic pregnancy, molar pregnancy, miscarriage and readmission for complications such as infection.
Now Bannister Law Class Actions and Centennial Lawyers have joined forces to investigate the serious data breach affecting approximately 5.1 million Medibank customers, 2.8 million ahm customers and 1.8 million international customers.
Bannister Law Principal Charles Bannister said news.com.au’s lawyers had already been “inundated” with potential plaintiffs and countless clients were already seriously affected by the shocking breach.
He explained that many people have complained that their personal information is being used to access bank accounts, while others, including those affected by domestic violence, have been left scared after their addresses were compromised – but added, that the company “did not seem to realize the ramifications of this leak”.
Do you want to stream your messages? Flash lets you stream over 25 news channels in one place. New to Flash? Try 1 month free. Offer available for a limited time only >
“There are understandably despairing victims of domestic violence because their address details are being released. We see widespread problems,” he said.
“Some people literally live in fear for their lives if their addresses are made public, others live in fear of public ridicule, job loss and broken relationships if their sensitive medical information is made public.
“Others risk being blackmailed if their HIV status or other health information is made public. Some of Medibank’s customers and ahm will be police officers or security guards who are at great personal risk if their personal information and that of their close family members is made public.”
Bannister Law Class Actions revealed that it had suggested 24-hour security to some plaintiffs, who have a high public profile and whose home address is highly confidential, noting that Medibank has a duty to protect customers.
“Medibank promises to securely store member information and to implement a variety of security controls (including physical, technical and procedural safeguards) to protect personal information. They claim that their employees and contractors regularly receive targeted privacy training,” the company said in a statement.
“They claim (they) to retain personal data only for as long as is necessary to provide products and services to their members or to lawfully comply with their business and legal obligations and requirements. We have registrants whose policy is 10 years old and who have been notified that their data was affected by the breach.
“Most importantly, they promise that, where possible and appropriate, they will attempt to de-identify personally identifiable information such that an individual’s identity cannot be readily determined from the de-identified information or from the triangulation of your de-identified information.” can be ascertained from other sources of information.”
It said that Medibank’s “failures” “betrayed its members” and “exposed them to real harm” and that “many people are distressed and concerned and have every right to be angry”.
Bannister Law Class Actions and Centennial Lawyers are now preparing court proceedings to commence a class action and expect to file a lawsuit shortly.
The law firms are asking all affected current and former Medibank and ahm customers, including international customers, to do so register here.
A Medibank spokeswoman said the company “would not speculate about possible litigation,” but added that while it understands “several law firms are investigating a possible class action lawsuit related to this cybercrime,” the firm “has not been contacted by any law firm.” a class action”.
“Scumbag” hackers whipped
Last week Home Secretary Clare O’Neil criticized the “scumbag” hackers responsible for stealing sensitive data from Medibank and releasing information about women who had terminated their pregnancies for various reasons.
The information, posted online on the dark web forum called “Abortion,” included a table with the names and personal information of 303 patients and policyholders, as well as billing codes for cancellations.
The group allegedly behind the hack also released the details of more than 240 people last week in a file titled “boozy,” which contained sensitive information about people’s mental health and alcohol problems.
“We stand by you as Parliament and as Government,” Ms O’Neil told victims of the parliamentary split.
“You have the right to keep your health information private and what happened here is morally reprehensible and criminal.”
On Friday, the Australian Federal Police announced they had identified cybercriminals in Russia as the perpetrators of the Medibank hack, and AFP Commissioner Reece Kershaw urged Moscow to cooperate in the investigation.
“It’s important to note that Russia benefits from Interpol’s sharing of intelligence and data, and with that comes responsibility and accountability,” Mr. Kershaw told reporters.
However, Medibank chief executive David Koczkar warned that he expects the group to “continue to release stolen customer data every day.”
“The relentless nature of this tactic employed by the criminal is intended to cause harm and harm,” he said in a statement Friday morning.
“There are real people behind this data and misuse of their data is unfortunate and may prevent them from seeking medical care.
“It’s obvious that the criminal enjoys notoriety. Our sole focus is on the health, well-being and care of our customers.”
#Medibank #revenge #desperate #victims