Medibank AGM: David Koczkar and Mike Wilkins defended the insurance company’s handling of hacking cyberattacks

A senior Medibank executive has defended the company’s decision not to pay a ransom to Russian hackers who exposed clients’ sensitive health information on the dark web.

The board of Australia’s largest private health insurer faced shareholder frustration at its annual general meeting on Wednesday, a month after hackers stole around 9.7 million data from current and former customers.

Medibank chief Mike Wilkins defended the company’s handling of the massive cyberattack, saying at the meeting in Melbourne that it was “unprecedented”.

“From the beginning, Medibank has been committed to doing the right thing by our customers, employees and the community regarding this cybercrime,” he said.

This includes our decision not to pay any ransom demand for this data theft.

“Based on extensive advice from cybercrime experts, we have come to the view that there is limited opportunity to pay a ransom to ensure the return of our customers’ data and prevent it from being made public.”

Most of the Medibank customers affected by the cyberattack had their basic personal information stolen, including their names, addresses, and phone numbers.

However, 480,000 of those customers also had health claims they filed with the insurance company plagiarized.

Hackers posted sensitive data, including information about people’s mental health status, drug and alcohol use, and abortions on the dark web.

Mr. Wilkins “apologies unreservedly” to everyone affected by the “despicable” crime.

He insisted that Medibank was “transparent” in communicating the hack with customers.

Medibank CEO David Koczkar told shareholders that Medibank was in the process of directly contacting customers whose health data had been compromised or disclosed.

Mr. Kocakar said that the insurance company has always taken IT security “very seriously”.

“We believe our operations have been strong, although clearly not strong enough in this circumstance. We will seek to learn from that once this review is completed.

Most of the questions shareholders put to Medibank’s board related to the cyberattack and how it managed to happen.

The Australian Federal Police has identified cyber criminals in Russia as the perpetrators.

AFP Commissioner Rhys Kershaw said last week that AFP would try to speak to Russian law enforcement about the ransomware suite, as he called on authorities in Moscow to cooperate with the investigation.

Mr Kershaw said AFP knew the identities of the individuals involved, but did not name them when he spoke to reporters in Canberra last Friday.

Originally published as Medibank executives defend hack handling at insurer’s AGM

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *