[ad_1]
Health insurance giant Medibank is facing a fine in the trillions of dollars, after the Australian Information Commissioner filed proceedings in the Federal Court over its 2022 cyber attack.
Medibank and its subsidiary ahm were hacked in October 2022.
Some customer data was posted to the dark web soon after, with the hackers intentionally targeting sensitive patient information, including that of people who’d had pregnancy terminations.
The commissioner now alleges that Medibank seriously interfered with the privacy of 9.7 million Australians by “failing to take reasonable steps to protect their personal information”.
It is subsequently going after the company for misuse and unauthorised access or disclosure in breach of the Privacy Act 1988.
Each individual contravention comes with a maximum penalty of $2.22 million.
The commissioner is alleging a contravention for each of the 9.7 million customers, which works out to a potential maximum fine of more than $21 trillion.
It will be up to the Federal Court whether any fines are applied.
The hack on Medibank was one of the biggest ever to hit Australian consumers, sitting alongside other headline-making breaches such as those experienced by Optus and Latitude.
The group’s net profit after tax for the first half of FY 2023 was up 5.9 per cent to $233.3 million.
Its revenue rose 1.3 per cent to $3.65 billion.
More to come.
Posted