Medibank Won’t Release Cyber Attack Report, Citing Security Risks
Medibank has commissioned a report into its cyber attack, but won’t be making it public, citing security risks.
Australia’s largest health insurer said it has already implemented recommendations from the Deloitte report.
“Deloitte has made recommendations to enhance Medibank’s IT processes and systems,” the company told investors this morning.
“A number of recommendations have already been implemented, and Medibank intends to implement all recommendations not already undertaken, along with other enhancements previously planned by Medibank.”
The review includes “confidential and sensitive information” about the company’s security measures, and therefore won’t be released to the public.
“We don’t think it is in the interests of our customers or the broader Australian community to publicly release their findings given the security risks this would pose, not only to Medibank but other Australian businesses,” a Medibank spokesperson said.
“Medibank has completed a range of enhancements to meet this expectation and the board will continue to oversee the completion of steps to implement the recommendations to enhance systems and processes even further,” Medibank chair Mike Wilkins said.