Medibank will be closing all branches, IT centres, and going completely offline as it completely overhauls its online security.
The country’s biggest health insurer will be completely offline from 8.30pm on Friday until Sunday, in a bid to “further strengthen our systems and enhance security protections” after one of the country’s worst security breaches in history.
During this window, all customer services branches will be closed and customers won’t be able to access Medibank or ahm services. HICAPS will not be available for on-the-spot claims.
Microsoft’s cybersecurity experts will oversee the upgrade.
“While there has been no further suspicious activity detected inside our systems since 12 October 2022, as part of the next stage of our work we are undertaking maintenance across some of our systems to further strengthen security,” a spokeswoman for Medibank said.
“This follows the recent addition of two-factor authentication in our contact centres to increase the level of security for our customers when they call for support.
“This is a planned operation that involves IT security experts from Microsoft who are joining us in our Melbourne headquarters from across the Asia-Pacific region over the weekend. Given the complexity of the maintenance activities and the requirement to take our systems offline this operation has been in the planning stages for several weeks.
“Since the cybercrime we have bolstered existing monitoring, added further detection and forensics capability across the Medibank system and network and have scaled up analytical support via specialist third parties.
“We are also continuing to analyse the information released by the criminal on the dark web.
“We continue to communicate to our customers, and this week we will begin to communicate with some customers who had limited provider related data stolen, such as provider number, admission date and discharge date. Like most of the data stolen, this data has been released in a raw form and is hard to understand.”
