APRA pressures Medibank on cyber enhancements post-breach
By 
Kyle Brasseur2023-06-28T13:18:00
The Australian Prudential and Regulation Authority (APRA) will require Medibank Private to hold 250 million Australian dollars (U.S. $166 million) in extra capital until the insurer remediates identified cybersecurity weaknesses after a significant data breach.
The action by APRA, announced Tuesday, follows a cyber incident last year in which 9.7 million past and present Medibank customers had their data stolen by a hacker. The data exposed included first and last names, addresses, dates of birth, Medicare numbers, policy numbers, phone numbers, and some claims data.
The incident was one of the most significant data breaches ever experienced in Australia, said APRA, the country’s prudential regulator of the financial services industry.
Related articles
-
PremiumNAVEX report: Driven by cyber threats, infosec compliance top of mind
Compliance teams are taking more responsibility for issues related to information security and data privacy, motivated by increasing threats posed by data breaches and cyber intrusions, according to a new survey from NAVEX.
-
PremiumShades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
PremiumVerizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
More from Regulatory Enforcement
-
ArticleJudge orders CVS to pay nearly $290M for Medicare false claims
CVS’s Caremark division knowingly overcharged Medicare for prescription drugs and must pay nearly $290 million, a Pennsylvania federal judge has ordered.
-
News BriefSEC charges duo in $275 million water vending machine Ponzi scheme
The owner of a water machine vending company and a portfolio manager were allegedly behind a Ponzi-like scheme that raised more than $275 million, according to the U.S. Securities and Exchange Commission.
-
Basic Page‘Extraordinary cooperation’ pays off for PFS Investments
As regulators shift toward rewarding transparency, self-regulation and self-reporting, the way PFS Investments handled a longstanding problem serves as an example of how proactive remediation can turn a costly compliance error into a manageable regulatory outcome.