Staying safe online

Helpful resources and advice on protecting your information, and being vigilant to scams.

Steps you can take to protect yourself

We urge you to be vigilant to scams and take extra precautions to stay safe.
Be alert

Be alert for any phishing scams that may come to you by phone, post or email

Scammers can pretend to be from Medibank, ahm, financial institutions, telecommunications carriers, government, or other brands and service providers.

Learn more: What is phishing?

magnifying glass

Verify any communications you receive to ensure they are legitimate

Pay attention to the sender of any communications you receive. Instead of clicking links within emails or text messages, visit the organisation’s website or app for more information.

Learn more: Identify phishing message


Do not open texts or emails from unknown or suspicious numbers or email addresses

If you receive any suspicious emails or texts, please report them to ScamWatch.

Learn more: How to spot phishing scams

Bank card

Do not provide personal or credential information

Medibank will never contact you to demand money, ask for your password or sensitive information, or attempt to call you outside of business hours unless by prior arrangement.


Monitor your bank accounts for any unusual or fraudulent activity

We recommend staying vigilant to fraudulent transactions.


Change your passwords regularly with ‘strong’ passwords

Where available, activate multi-factor authentication on any online accounts you have.

What to do if you have been scammed

If you have been impacted by a scam, it’s important to act quickly.

Financial information

If you believe you have been scammed and supplied financial information, including your credit card, debit card or bank account information, reach out to your bank straight away to report this.


Personal information

If you have provided other personal and/or credential information, please complete the IDCARE Get Help form to get help.


Report suspicious activity

If a person contacts you threatening to release your data unless payment is made, please report this immediately to ReportCyber via their website or on 1300 292 371.

To report a scam, please do so via ScamWatch. If there is an imminent threat to your safety call Triple Zero.

For more advice on what to do if you suspect you've been scammed, use the Australian Cyber Security Centre's Have you been hacked? interactive tool.

More information from the Australian government

The government has issued a fact sheet about this cybercrime event and the steps you can take to safeguard your data.

Cybercrime support and advice

Our dedicated Cyber Response Support Program includes practical and emotional support for our current and former customers who have been affected by the cybercrime.
Customer support icon


Avoid or handle identity theft, and manage scams that may be related to cybercrime.

Latest updates


Manage the mental health and wellbeing impacts of the cybercrime.


Protect yourself from the risks of cybercrime.

Latest updates


Answers to your most common questions about the cyber event.