Prospective health insurance customers who applied for quotes with ahm have been caught up in the data breach affecting millions of Medibank customers.
- The personal information of up to 9.7 million Medibank customers was stolen and released in October 2022
- People who had obtained quotes with health insurer ahm, part of Medibank, have been caught up in the data breach
- The leaked information includes names, genders, dates of birth, addresses, and phone numbers.
The ahm health insurance brand is part of Medibank, which was hacked in October 2022 and the personal information of up to 9.7 million customers was published on the dark web.
The ABC saw an email sent late last week to a potential ahm customer who had gotten a quote, informing him that his details had been stolen and posted by online hackers.
The breached data of those who had requested quotes included full names, dates of birth, emails and where they were provided to ahm, genders, addresses, and phone numbers.
In the email, ahm apologized, saying the company “recognized the distress this can cause.”
Maurice Blackburn Lawyers, Bannister Law Class Actions, and Centennial Lawyers have joined together to launch a class action lawsuit against Medibank for the data breach.
Private Healthcare Australia chief executive Rachel David said the length of time organizations kept information on people who got quotes varied.
“I think a couple of years sounds a bit long,” he said.
“I think in light of the issues that have occurred with the data breach, this is one of the things that the health funds will look at.”
Medibank did not respond to ABC’s questions about how long it stored personal information related to quotes or how many people who had requested quotes had their data stolen.
A Medibank spokesperson said the company withheld quote-related information for “a period of time, as potential customers generally shop around and often end up coming back to take out a policy with us.”
“Instead of customers needing to enter all their information again, their quote stays in the system for a period of time.
“We sincerely apologize to all customers who have been affected by cybercrime.”
The spokesman said Medibank had created a Cyber Response Support Package for all customers, including those who got quotes, which included mental health, identity protection and financial hardship measures.