The hackers are getting smarter. Or maybe big companies have dropped the ball on cyber security measures. More likely it is a combination of both.

Either way, cyber security is one of the biggest issues Australian companies face right now.

Medibank Private Limited (ASX: MPL) last month joined Optus as the second major company to have a serious data breach in recent weeks. These incidents added to those experienced by NAB and Telstra, who announced earlier the same month that the names and email addresses of some of their employees had also been leaked at a third-party provider of reward programs.

Following the announcement of Medibank’s data breach, $1.75 billion was instantly wiped from Medibank’s shares, as they plunged by 18% to an 18-month low of $2.87. The stock is now trading even lower at $2.81 (as at market close on 15th November).

With the company’s announcement last Wednesday that the suspected cyber criminals responsible for hacking customer data had started releasing files on the dark web, the situation with Medibank escalated even further.

Given these two major data breaches of Optus and Medibank, Minister for Cyber Security Clare O’Neil flagged multiple reforms on Sunday to protect personal data, including making it illegal to meet ransom demands.

The Government also put aside $5.5 million in this year’s budget to investigate the Optus hacks, and pledged $31.1 million to extend a program for securing government networks.

A solution may already exist, with a technology known as ‘lock and alert’, via an app called Credit Savvy. This technology helps customers temporarily ban access to their credit reports if they are worried their identity has been compromised. A ban helps prevent new credit from being taken out in that customer’s name by blocking credit checks.

While a Standard and Poor’s Global report into banking cyber security found that the overall level of cyber risk for the Australian banking system was low, it showed there was a growing threat for lenders, with regional banks the most exposed.

The report also highlighted a cyber security skills shortage, likely to reach 3,000 workers by 2026, largely due to start-ups receiving 300 times less funding.

Past performance is not a reliable indicator of future performance.

Sources: 

• Business news australia, Criminal starts releasing Medibank customer data
• ABC, Cyber Security Minister Clare O’Neil flags multiple reforms to protect personal data after Medibank data leaks
• Financial review, Optus hack prompts $5.5m for privacy commissioner
• Creditsavvy, Identity theft can damage your Credit Score
• 7 News, Cybersecurity industry to face shortage of workers in face of escalating data breaches
• The sunday morning herald, Cyberattack on Australian bank could threaten financial system, but risk is low