APRA pressures Medibank on cyber enhancements post-breach
By 
Kyle Brasseur2023-06-28T13:18:00
The Australian Prudential and Regulation Authority (APRA) will require Medibank Private to hold 250 million Australian dollars (U.S. $166 million) in extra capital until the insurer remediates identified cybersecurity weaknesses after a significant data breach.
The action by APRA, announced Tuesday, follows a cyber incident last year in which 9.7 million past and present Medibank customers had their data stolen by a hacker. The data exposed included first and last names, addresses, dates of birth, Medicare numbers, policy numbers, phone numbers, and some claims data.
The incident was one of the most significant data breaches ever experienced in Australia, said APRA, the country’s prudential regulator of the financial services industry.
Related articles
-
PremiumNAVEX report: Driven by cyber threats, infosec compliance top of mind
Compliance teams are taking more responsibility for issues related to information security and data privacy, motivated by increasing threats posed by data breaches and cyber intrusions, according to a new survey from NAVEX.
-
PremiumShades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
PremiumVerizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
More from Regulatory Enforcement
-
News BriefFreight forwarder fined $1.6M after using OFAC-blocked Venezuelan, Iranian carriers
A Houston-based freight forwarder, Fracht FWO Inc., will pay $1.6 million for violating U.S. sanctions tied to Venezuela and Iran, according to the Treasury Department’s Office of Foreign Assets Control (OFAC). The fine comes as OFAC ramps up enforcement in recent months.
-
ArticleCFTC clears deck of ‘compliance’ enforcement actions to focus on fraud
BNY, Citigroup, Santander, UBS, and two other financial institutions paid a total of $8.3M to settle separate compliance violations with the CFTC.
-
News BriefHong Kong securities regulator hits repeat offender Deutsche Bank with $3M fine
Deutsche Bank has agreed to pay a $3 million fine and has returned $5 million in fee overcharges to customers as part of a resolution with Hong Kong’s financial services regulator.