Medibank moves to block hacking investigation

The news: Health insurer Medibank is requesting the Federal Court block a complaint to the privacy commissioner to avoid multiple proceedings taking place simultaneously, Nine papers report. The insurer said the presiding judge in a common law Federal court class action had directed Medibank to take action against the Office of the Information Commissioner, which is well advanced in investigating a complaint under the Privacy Act after last year's hacking scandal.

The numbers: In October 2022, hackers accessed the personal details of 9.7 million current and former Medibank customers along with health claims for 160,000 customers and a further 300,000 claims for customers of ahm, the insurer's budget offering.

The context: Medibank says it is not trying to prevent the OAIC's investigation which could result in multi-million dollar fines if it finds the health fund's cyber security was lacking. Maurice Blackburn, which lodged the Privacy Act complaint, said action against the OAIC investigation could curtail victim compensation, as provisions for emotional suffering and distress were only covered under Privacy Act but not under the Federal Court case which would deal more with economic loss under common law.