Medibank’s systems are back online after being shut down over the weekend for a security upgrade. The move was part of efforts to strengthen its resilience after the October data breach that affected 9.7 million customers.
The Australian insurance group said its IT systems were taken offline for planned “maintenance” work involving IT security consultants from Microsoft. The distribution was made at Medibank’s headquarters in Melbourne.
“Given the complexity of the maintenance activities and the requirement to take our systems offline, this operation has been in the planning stages for several weeks,” the company said in a statement.
All customer-facing platforms were tested and IT systems were back online ahead of schedule on Saturday, operating with enhanced security features, he added. Customers regained access to Medibank’s website and apps, which went offline during the upgrade, but retail outlets and call centers remained closed until Monday.
The Australian company noted that no suspicious activity was detected within its systems since the data breach was announced on October 12.
It said it had implemented several measures to increase its security since the incident, including two-factor authentication in its contact centers when customers request support and additional detection and forensics features. It also expanded analytics capabilities through third-party specialists.
Medibank said it was still analyzing data released by cybercriminals on the dark web, noting that no additional files had been released since December 1 when hackers released six sealed files containing compromised customer data .
The files reportedly contained all the remaining data that was stolen during the breach, before which the hackers involved in the theft had released the files in batches along with ransom demands. Medibank had said it would not pay any compensation.
The October security breach affected 9.7 million current and former customers, including 1.8 million international customers, and exposed data such as names, dates of birth, phone numbers and email addresses. Some customers’ health claims records were also accessed, including locations where they received medical services and codes associated with diagnoses and procedures administered.
According to Medibank, there was no indication that financial or banking details had been compromised and the stolen data alone was insufficient to facilitate identity or financial fraud.