Australia’s biggest health insurer Medibank Private Ltd said it expected the number of customers affected by a massive data breach to grow, after it discovered policy records of a further 1,000 customers had been stolen.
Medibank, which provides coverage to one-sixth of Australians, said last week an unidentified person had shown the company stolen personal information of a 100 customers, including medical diagnoses and procedures.
On Tuesday, the company said it had received more files from the criminal, showing information including personal and health claims data of more patients as well as files with some Medibank and international student customer data.
“Given the complexity of what we have received, it is too soon to determine the full extent of the customer data that has been stolen,” the company said in a statement.
“As we continue to investigate the scale of this cybercrime, we expect the number of affected customers to grow as this unfolds.”
Medibank’s is the latest in a series of cybersecurity incidents that have rocked corporate Australia, including a breach late last month at the country’s no. 2 telco Optus, which compromised the data of up to 10 million customers.
An investigation by the Australia Federal Police into the Medibank hack is ongoing.