Yes. The Medibank breach occurred on October 12, 2022, affecting 9.7 million records.

What data was exposed in the Medibank breach?

The 2022 Medibank breach exposed health data of 9.7 million Australians including medical claims. Learn what was leaked and what to do.

What should I do if I was affected by the Medibank data breach?

Check if your data was exposed using our free tool, change your passwords, enable two-factor authentication, and monitor your accounts for suspicious activity.

Medibank Data Breach

Critical Severity 9.7 million records affected Published February 10, 2026

Company	Medibank
Breach Date	October 12, 2022
Disclosure Date	October 13, 2022
Records Affected	9.7 million

In October 2022, Australian health insurer Medibank suffered a devastating data breach that exposed personal and medical data of 9.7 million current and former customers. The attackers released sensitive health claims data on the dark web after Medibank refused to pay a ransom.

What Happened

Attackers gained access to Medibank's systems using stolen credentials belonging to a contractor with access to Medibank's internal systems. The credentials were obtained via infostealer malware on the contractor's personal device. Once inside, the attackers spent weeks accessing and exfiltrating customer data including highly sensitive health claims information. When Medibank refused to pay the ransom demand (reportedly $10 million), the attackers published the stolen data on the dark web in stages, including files labeled "abortions," "mental health," and other sensitive medical categories. The attack was attributed to a Russian-linked ransomware group. Australian authorities sanctioned a Russian national in connection with the breach.

What Data Was Exposed

Full names
Dates of birth
Email addresses
Phone numbers
Addresses
Medicare numbers
Health claims data (diagnoses, procedures, provider details)
Passport numbers and visa details (for international students)

Who Is Affected

Approximately 9.7 million current and former Medibank, ahm, and international student customers were affected. This included 5.1 million Medibank customers, 2.8 million ahm customers, and 1.8 million international student customers. The exposure of health claims data made this particularly harmful.

How to Check If You Were Affected

Medibank contacted affected customers directly. Visit medibank.com.au/cyber-security for the latest information. Check HaveIBeenPwned.com to see if your email was in the breach. If you were a Medibank, ahm, or international student insurance customer, assume your data was compromised and take protective measures.

What You Should Do Now

Monitor for identity fraud and unauthorized use of your Medicare number
Contact Services Australia to flag your Medicare number
Access free mental health support services offered by Medibank
Be extremely cautious of scammers referencing your health information
Place a ban on your credit file with Australian credit bureaus
Consider replacing identity documents if passport or license numbers were exposed
Contact IDCARE for specialist identity theft support in Australia
Report any extortion attempts to Australian Federal Police

Last updated: February 10, 2026