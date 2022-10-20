Another data hack has hit Australia, and this time Australia's biggest health insurer fell victim. Medibank Private Ltd, which covers one-sixth of Australians, said on Thursday customers' medical information has been stolen as part of a massive breach of data.

The company said an unidentified person contacted them and showed stolen personal information of 100 customers, including medical diagnoses and procedures. Around 200 gigabytes of data has been stolen in the theft first disclosed by the company a week earlier.

It isn't known how many of its four million customers have been affected, but the company warned the number was likely to rise. An investigation has been initiated by the Australian Federal Police.

A wave of cyber attacks has gripped Australia's biggest firms in recent weeks. Telco company Optus, owned by Singapore Telecommunications Ltd, revealed a month ago that data of up to 10 million customers may have been stolen.

While the issue of hackers using stolen data to access bank accounts has been the primary concern till now, there is a new twist to it. The Sydney Morning Herald has reported that a person claiming to be the Medibank hacker messaged the paper and threatened to publish medical records of high-profile individuals unless the person were paid.

"What we have here is ... healthcare information and that just on its own being made public can cause immense harm to Australians and that's why we are so engaged with this," Cybersecurity Minister Clare O'Neill told the Australian Broadcasting Corp.

Cybersecurity experts are not sure if the two hacks are related. However, they do think that the publicity generated by the Optus attack may have drawn attention in hacker networks.

"When you do have a highly visible breach like Optus in Australia out there, hackers take notice of that and go 'maybe I'll have a go down there and see what I can get away with,'" said Jeremy Kirk, executive editor at Information Security Media Group, a cybersecurity specialist publication.

Optus rival Telstra Corp Ltd also disclosed a small breach of employee data. The top grocery chain Woolworths Group Ltd said certain people had gotten hold of customer database of a bargain website used by 2.2 million shoppers.

Dan Woods, a former FBI cyberterrorism investigator and current head of intelligence at cybersecurity firm F5, told Reuters that Australia had "undoubtedly experienced its worst few weeks from a cybercrime perspective, but on the positive side it's been a wake-up call the country may have needed".

(With inputs from agencies)