[NoPicklez]

I think if we operate under the classic it's not if but when, when it comes to data breaches. Then switching providers isn't always the best idea in these situations. If anything, Medibank's security should be significantly bolstered following the attack as executives, recruitment etc will now have realised the impacts of a data breach. Not something every company has had to deal with YET.

What I do worry about is corroborated information, if you were involved in the Optus breach which realistically is likely for many of us. Then your leaked driver's licence number including your medibank number can start to make up that 100 points of ID check.

Therefore I suspect that people should be having either their DL or Medibank number changed, if they've been confirmed in the breach.

[ggm]

My partner pointed out to me this morning that we might chose to be casual about our medical history, but if the affiliate organisation is for overseas students, and they come from regimes with repressive views on abortion or gender, then medical history leak could be extremely damaging for them.

And you're right about optus+medibank getting over the 100pts threshold. That would be a really serious consequence for those people.