“This is a new development and Medibank understands this news will cause concerns for customers and the protection of their data remains our priority,” it said in a statement.

“Medibank is working urgently to establish if the claim is true, although based on our ongoing forensic investigation we are treating the matter seriously at this time.”

The federal government has confirmed the incident within Medibank after the health insurer went into a trading halt on receiving messages from alleged data hackers.

Cyber Security Minister Clare O’Neil said her department was working with all relevant agencies across government and the facts were continuing to be established.

“This incident is another reminder for Australian governments, businesses and citizens to be vigilant about their cyber safety,” she said in a statement on Wednesday night.

Ms O’Neil confirmed a “significant cyber security incident” had occurred.

She said support was being provided by the Australian Signals Directorate’s Australian Cyber Security Centre and the Department of Home Affairs and she had spoken with Medibank CEO David Koczkar and Australian Federal Police.

Medibank said protection of customer data remained a priority.

“Medibank systems have not been encrypted by ransomware, which means usual activities for customers continues,” their statement said.

“We continue to work with specialised cyber security firms and have advised the Australian Cyber Security Centre.”

Steps to safeguard the network and systems may cause temporary disruptions to services, the insurer warned.

Mr Koczkar offered an apology acknowledging the news would concern customers.

“Our team has been working around the clock since we first discovered the unusual activity on our systems and we will not stop doing that now,” he said.

Medibank said it held a “range of necessary personal information of customers” as a company providing health insurance and services.

-AAP