{
	"id": "d1d5a47f-167c-470b-8cbb-d6382d249778",
	"created_at": "2026-04-06T03:35:41.315393Z",
	"updated_at": "2026-04-10T13:13:04.19594Z",
	"deleted_at": null,
	"sha1_hash": "34552fdac50751a11e9d8ee45c0a90bc1c404750",
	"title": "Medibank cyber incident",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 30958,
	"plain_text": "Medibank cyber incident\r\nArchived: 2026-04-06 03:09:29 UTC\r\nYesterday the Medibank Group detected unusual activity on its network.\r\nIn response to this event, Medibank took immediate steps to contain the incident, and engaged specialised cyber\r\nsecurity firms.\r\nAt this stage there is no evidence that any sensitive data, including customer data, has been accessed.\r\nAs part of our response to this incident, Medibank will be isolating and removing access to some customer-facing\r\nsystems to reduce the likelihood of damage to systems or data loss.\r\nAs a result our ahm and international student policy management systems have been taken offline. We expect\r\nthese systems to be offline for most of the day.\r\nThis will cause regrettable disruptions for some of our customers. ahm and international student customers will\r\nstill be able to contact our customer teams via phone but at this stage our people won’t be able to access policy\r\ninformation.\r\nAlthough there is nothing that customers need to do, Medibank and ahm customers can contact us by phone (for\r\nahm customers 1300 573 942 and for Medibank customers 13 23 31) and an information page on our website is\r\nbeing established to provide the latest updates about the incident.\r\nAs we continue to investigate this incident, our priorities are to ensure the ongoing security of customers, our\r\nemployees, and stakeholder information, and the continued delivery of Medibank services.\r\nInvestigations are ongoing, and Medibank will provide regular updates. Medibank's health services continue to be\r\navailable to our customers, this includes their ability to access their health providers, as we work through this\r\nincident.\r\nMedibank CEO David Koczkar said:\r\n“I apologise and acknowledge that in the current environment this news may make people concerned.\r\n\"Our highest priority is resolving this matter as transparently and quickly as possible.\r\n“We will continue to take decisive action to protect Medibank Group customers and our people.\r\n“We recognise the significant responsibility we have to the people who rely on us to look after their health and\r\nwellbeing and whose data we hold.\r\n\"We are working around the clock to understand the full nature of the incident, and any additional impact this\r\nincident may have on our customers, our people and our broader ecosystem.\"\r\nhttps://www.medibank.com.au/livebetter/newsroom/post/medibank-cyber-incident\r\nPage 1 of 2\n\nSource: https://www.medibank.com.au/livebetter/newsroom/post/medibank-cyber-incident\r\nhttps://www.medibank.com.au/livebetter/newsroom/post/medibank-cyber-incident\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.medibank.com.au/livebetter/newsroom/post/medibank-cyber-incident"
	],
	"report_names": [
		"medibank-cyber-incident"
	],
	"threat_actors": [],
	"ts_created_at": 1775446541,
	"ts_updated_at": 1775826784,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/34552fdac50751a11e9d8ee45c0a90bc1c404750.pdf",
		"text": "https://archive.orkl.eu/34552fdac50751a11e9d8ee45c0a90bc1c404750.txt",
		"img": "https://archive.orkl.eu/34552fdac50751a11e9d8ee45c0a90bc1c404750.jpg"
	}
}