OAIC files lawsuit against Medibank for 2022 data breach

The Office of the Australian Information Commissioner (OAIC) has sued Medibank in Federal Court regarding a data breach the health insurer sustained in 2022, which exposed the data of nearly 10 million customers. The OAIC alleges the breach, which occurred as a result of a ransomware attack from a Russian group, was due to Medibank’s negligence, claiming it violated Australian privacy laws. Medibank intends to contest the accusation.