Nearly 4 million Medibank customers have potentially had their personal details accessed after the health insurer was targeted by hackers last week.
A “significant cybersecurity incident” occurred within Medibank, Home Affairs Minister Clare O’Neil confirmed.
Medibank halted trading on Wednesday after receiving ransom demands from the alleged hackers.
“Medibank is working urgently to establish if the claim is true although, based on our ongoing forensic investigation, we are treating the matter seriously at this time,” the health insurer said in a statement.
At the time of the cyber attack last week, the health insurer said there was no evidence any sensitive data, including customer data, had been accessed.
O’Neil said the incident had been referred to the Australian Federal Police for investigation and acknowledged Australia was facing a new world of “relentless” cyber attacks.
"This is the new world that we live in, we are going to be under relentless cyber attack essentially from here on in," the Minister told ABC Radio.
O’Neil said facts were still being established and it was too early to determine how many customers had been affected.
"But the reason I am so concerned about this at the moment is because, of course, the sensitive nature of the information involved,” she said.
"If you think about a lot of cybercrime, it relates to financial or identity information, which is very problematic when it comes into the public realm.”
The hack potentially impacts Medibank’s 3.9 million customers, plus potentially more customers from ahm.
Medibank apologised to its customers for the cyber attack.
“Our systems have not been encrypted by ransomware, which means usual activities for customers continues,” it said in a statement.
“We understand this news may cause you concern and we’re sorry.”