The criminals who stole data from Australia’s biggest health insurer, Medibank, have shared a fifth set of files with nearly 1500 medical records, more than doubling the number of records released.
, said Medibank must make sure that customers are quickly informed if their records have been published.and Mr O’Donnell said the insurer had a duty of care to clearly communicate with every affected customer.“Responsibility for the data breach rests squarely with Medibank,” he said. “It has an absolute duty of care to every customer whose personal information has been entrusted to it.
Data released last week contained information from a file sent to Medibank by the criminals before October 25. But the insurer chose not to call those customers – including women whose abortion records were later made public – and instead sent them a letter, which a number of customers said they had not received.“Medibank has assured AFAO that it will directly contact any customer if their HIV information is released to the dark web,” Mr O’Donnell said.