Medibank data hack: ransomware group threatens to release customer information

Medibank has confirmed almost 500,000 health claims were accessed and the personal details of former and current customers were exposed when an unnamed group hacked into its system weeks ago.

The post did not include data samples to back up its threat.

Meanwhile, two law firms, including one behind a successful case involving an Ambulance NSW data breach, say they believe Medibank betrayed customers and breached the Privacy Act by not stopping the hack.

The law firms will investigate the terms of the contracts the medical insurance firm provided to customers and whether damages are appropriate.

No case has been filed with a court.

The hacker accessed the health claims of about 160,000 Medibank customers, about 300,000 claims from offshoot ahm customers, and about 20,000 international customers.

Names, dates of birth, address, phone numbers and email addresses were also accessed, raising concerns about future identity fraud.

No credit card or banking details were accessed.