Medibank said it has been notified by class action lawyers Maurice Blackburn that it has lodged a representative complaint with the Office of the Australian Information Commission.

Medibank has not yet been contacted by the OAIC in relation to the complaint.

“The complaint includes allegations that Medibank has breached the Australian Privacy Principles and seeks compensation for individuals whose personal information was exposed as a consequence of the cybercrime,” Medibank’s Senior Executive External Affairs Emily Ritchie confirmed.

The complaint is related to the country’s largest data breach, in which information from close to 10 million Australians was stolen, held for ransom, and then published on the dark web.

“Medibank continues to support its customers from the impact of this crime through our previously announced Cyber Response Support Program which includes mental health and wellbeing support, identity protection and financial hardship measures.

“As previously announced, Medibank will continue to cooperate with the OAIC and its ongoing investigation.”