Australia's Medibank drops after ransomware attack in IT network

(Reuters) -Shares of Medibank Private Ltd dived nearly 5% on Monday even after the Australian health insurer assured clients that normal business operations have resumed following an attempted ransomware attack on its network.

The company, which reaffirmed that there was no evidence that customer data had been removed from the network, is on track to mark its worst day in 2-1/2 years. Shares of Medibank fell as much as 4.8% to A$3.350, their lowest level since July 19.

That was the latest in a string of cyber attacks in recent weeks to rock corporate Australia including a breach at second-largest telecoms provider Optus, which compromised data of up to 10 million customers and at a Woolworths unit that exposed data of nearly 2.2 million users.

Medibank said last Thursday it would isolate and remove access to some customer-facing systems after it detected unusual activity on its network.

The company said its investigation indicated that its cyber security systems had detected activity "consistent with the precursor to a ransomware event" but that its systems were not encrypted by ransomware.

There was no indication that the incident was caused by a "state-based threat actor", the company said, adding that an investigation into the incident would continue.

It said its business was tracking in line with its fiscal 2023 forecast and would be unaffected by the incident.

(Reporting by Shashwat Awasthi and Roushni Nair; editing by Diane Craft, Will Dunham and Sherry Jacob-Phillips)