APRA pressures Medibank on cyber enhancements post-breach
By 
Kyle Brasseur2023-06-28T13:18:00
The Australian Prudential and Regulation Authority (APRA) will require Medibank Private to hold 250 million Australian dollars (U.S. $166 million) in extra capital until the insurer remediates identified cybersecurity weaknesses after a significant data breach.
The action by APRA, announced Tuesday, follows a cyber incident last year in which 9.7 million past and present Medibank customers had their data stolen by a hacker. The data exposed included first and last names, addresses, dates of birth, Medicare numbers, policy numbers, phone numbers, and some claims data.
The incident was one of the most significant data breaches ever experienced in Australia, said APRA, the country’s prudential regulator of the financial services industry.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumNAVEX report: Driven by cyber threats, infosec compliance top of mind
Compliance teams are taking more responsibility for issues related to information security and data privacy, motivated by increasing threats posed by data breaches and cyber intrusions, according to a new survey from NAVEX.
-
PremiumShades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
PremiumVerizon report: Lion’s share of data breaches linked to organized crime
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
More from Regulatory Enforcement
-
News BriefFRC fines PwC, auditor combined $4.1M over 2019 work of Wyelands Bank
The U.K. Financial Reporting Council issued penalties against PwC and a former auditor over deficiencies on work related to the 2019 financial statements of now shuttered Wyelands Bank.
-
News BriefDOJ fines MORSE Corp $4.6M for lax cyber controls amid crack down on federal contractors
Yet another government contractor has been slapped with a fine by the Department of Justice for applying lax cybersecurity defenses on sensitive government data.
-
News BriefEU regulator questions 'culture of compliance' with Digital Markets Act at Apple, Google
The European Commission released its preliminary findings last week regarding Apple and Google not complying with the Digital Markets Act. It issued orders to both companies regarding their business practice and plans to release all of its findings next week.