Close this search box.

Medibank Breach: Aftermath and Future of Cybersecurity


Confidentiality concerns surrounding high-Profile cyberattack

In the wake of October 2022’s cyberattack on Medibank, which exposed private information of approximately 10 million customers on the dark web, the company has chosen not to disclose the findings of an external review due to security concerns.

A Medibank spokesperson explained that the review would not be made public due to the confidential and sensitive nature of the cybersecurity measures discussed. The company believes that revealing the findings could potentially pose security risks to not only Medibank but other Australian businesses as well.

The Medibank breach outcome

The hackers managed to acquire names, phone numbers, Medicare numbers, and sensitive health information of about 10 million Medibank customers during the cyberattack.

What caused the breach?

The Medibank data breach occurred due to the theft of internal credentials, presumably belonging to an individual with privileged system access. It is suspected that these credentials were obtained through phishing, which involves sending deceptive emails with malicious links to credential-stealing websites.

In this case, the hackers gained immediate access to privileged account details, allowing them to bypass the time-consuming process of searching for higher-level credentials within the network, known as ‘lateral movement.’ As a result, the cyberattack pathway was significantly shortened, enabling the data breach to be carried out much more swiftly.

Navigating the cybersecurity landscape: lessons from a major Australian data breach

As millions feel the personal impact of the breach, customers and shareholders have resorted to legal actions seeking justice. The aftermath sees separate class actions initiated by both groups against Medibank.

This event emphasises the need for organisations to proactively defend their data and systems, as well as the value of cultivating a cybersecurity-aware culture to stay ahead of threats. Ultimately, this breach serves as a lesson and a driving force for change, prompting businesses throughout Australia to prioritise resilient cybersecurity.

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.


Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235


Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →



Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution



A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →