Last October, Medibank disclosed that a hacker had gained data of 9.7 million current and former customers and released the data on the dark web.
The company breached its disclosure obligations by not revealing information regarding the alleged deficiencies in its cyber security systems, US-based law firm Quinn Emanuel Urquhart & Sullivan alleged in its class action lawsuit.
Medibank said it intends to defend itself, while Quinn Emmanuel did not respond immediately for comment.
A similar lawsuit was filed in early February by law firm Baker & McKenzie, which alleged a breach of contract and contraventions of Australian consumer law.
Medibank was one of the many Australian companies that have been targeted by hackers since September last year, with Rio Tinto and Latitude Group the latest additions.
Discover the stories of your interest
Medibank’s shares ended 0.3% higher on Wednesday. The stock has fallen about 3.8% since it disclosed the hack last October. 2022 data breach
Medibank, which covers one-sixth of Australians, said last year that an unidentified person showed the company stolen personal information of 100 customers, including medical diagnoses and procedures, as part of a theft of 200 gigabytes of data, first disclosed by the company a week earlier.
The company did not say how many of its 4 million customers were likely to have been affected but warned the number was likely to rise. The Australian Federal Police had opened an investigation into the breach.
The disclosure added a new layer of angst to a wave of cyber attacks on Australia’s biggest firms since number two telco Optus, owned by Singapore Telecommunications Ltd, revealed that data of up to 10 million customers may have been stolen.
The Sydney Morning Herald reported that it obtained a message from a person claiming to be the Medibank hacker threatening to publish medical records of high-profile individuals unless the person were paid.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
