Medibank Data Breach

Greg Williams 16 November 2022

Quite rightly, we have had a number of current and former Medibank customers who have contacted us for advice as to what they should do to protect themselves.  In light of the previous Optus data breach, the opportunity for scammers in Australia has now reached next level.  And it was already bad enough!  Here is our advice, noting that less is more....

Contact your Bank

Contact your Mobile Phone Provider

What are scammers likely to do with your stolen identity?

Breaking down the Medibank advice

Let me explain. No, there is too much. Let me sum up.  Seriously, what is it with Banks, Government and pretty much any large organisation?  It's pretty clear they want to be able to say "I told you so" so that if you get scammed, it's not their fault!  The Medibank breach is a case in point.

Medibank Advice to Customers.pdf

What data has been stolen?

Medibank makes a reasonably firm statement in this regard

If they are going to write to you personally they must know whether or not they recorded your email address and phone number and therefore whether or not it has been compromised.  Best to assume they gave up both

What data "may" have been stolen?

They have used the expression We believe the criminal has not stolen: which are weasel words at best.  They must know!

Obviously giving up your health data is bad, it is unclear how a scammer might use this data, their focus is on stealing money so no biggie

Identity Protection

Good advice, sure, but too little too late.  The best way to protect your identity is not to give any information to Medibank or Optus!

"Extra precautions you can take"