AFP adds Medibank breach to Operation Guardian

Suggests leaked data is authentic.

The Australian Federal Police has expanded the remit of Operation Guardian to cover the Medibank data breach after customer details were published online in the early hours of Wednesday.

Operation Guardian kicked off at the beginning of October as a cross-agency effort that includes the Australian Federal Police, all state and territory Police, the Australian Cyber Security Centre (ACSC), the Australian Banking Association (ABA), IDCARE and the Customer Owned Banking Association.

It was originally launched to protect 10,000 Optus customers whose data was published online.

Investigations into the breaches are being handled under separately codenamed operations.

Medibank said that sample data published by ransomware operators today included “personal data such as names, addresses, dates of birth, phone numbers, email addresses, Medicare numbers for ahm customers (not expiry dates), in some cases passport numbers for our international students (not expiry dates), and some health claims data.”

The AFP's expansion of Operation Guardian to cover Medibank customers suggests the leaked data is genuine.

The company expects the data releases to continue, and urges vigilance upon affected customers. It has refused to give in to the hackers' demands to pay a ransom.

Medibank CEO David Koczkar repeated his apology to customers, adding: “This is a criminal act designed to harm our customers and cause distress.”

