The Australian Information Commissioner’s Office (OAIC) has begun examining Medibank’s processes regarding the management of personal data in relation to its recently reported security lapse. This follows the OAIC’s preliminary inquiries into the Medibank data breach in October.
The OAIC’s investigation will focus on whether Medibank took reasonable steps to protect the personal information it held from:
- Misuse.
- Interference.
- Loss.
- Unauthorised access.
- Modification or disclosure.
The inquiry will also review whether Medibank put in place sensible measures to guarantee that the Australian Privacy Principles (APPs) were followed.
Should the OAIC’s investigation lead the Commissioner to conclude that customers’ privacy has been breached, the Commissioner can make a decision that could require Medibank to take steps to make sure the action or practice does not happen again.
If the investigation reveals considerable and/or recurrent intrusions of privacy in contravention of Australian privacy law, the Commissioner has the authority to seek civil penalties through the Federal Court of up to $2.2 million for each breach.
Australian Information Commissioner and Privacy Commissioner Angelene Falk reminded organisations covered by the Privacy Act 1988 to ensure they take reasonable steps to protect the personal information they hold.
“All organisations should review their personal information handling practices to ensure reasonable security safeguards are in place,” said Falk.
Because the security violation involves personal information, the OAIC reminded affected Medibank customers that they may get help through Medibank’s customer service hotline.
In line with the OAIC’s Privacy regulatory action policy, the OAIC will await the conclusion of the investigation before commenting further.
Under the Notifiable Data Breaches scheme, entities that are regulated by the Privacy Act are obligated to promptly notify those affected by a data breach and the Australian Information Commissioner.