Cyber scare: Velocity members caught up in Medibank data breach

As a result of the Medibank data breach, some Velocity members have woken up to a locked frequent flyer account.

Velocity Frequent Flyer members who are with Medibank and have previously given their frequent flyer number as part of a bonus points sign-up offer are waking up to an inactive Velocity account.

Medibank has advised Velocity Frequent Flyer that a small batch of Velocity members may have had their Velocity membership number accessed as part of a significant data breach. 

The potentially affected Velocity members have had their frequent flyer account locked to prevent unauthorised activity while Velocity works to issue new membership numbers to those caught up in the cyberattack.


Velocity’s swift precautionary measures follow the hackers’ recent move to release stolen data on the dark web. The situation is still unfolding, so we’ll be sure to keep you updated. Here’s what we know now:

How will this impact me?

Velocity Frequent Flyer has assured members that this move will not affect their points balance, ability to travel, earn Velocity Points or have their status recognised.

This means that you’ll still be able to fly and access lounges (when entitled) if your Velocity account has been locked as a result of your membership number potentially being caught up in the breach. 

However, while your account is locked, you won’t be able to log in and redeem Velocity Points until Velocity Frequent Flyer contacts you with a new membership number.

What should I do?

Velocity is urging customers to sit tight while they take precautionary measures to protect frequent flyer accounts.

However, it pays to remain vigilant, report suspicious activity and swiftly change passwords across all accounts if you’ve been caught up in the Medibank data breach.

Medibank cyberattack: What happened exactly?

Almost one month ago, Medibank reported a large-scale cyberattack that resulted in a data breach where the personal information of every Medibank, ahm and international student customer’s information has been compromised.

So far, the leaked stolen data of about four million existing and previous customers includes:

  • names
  • addresses
  • dates of birth
  • phone numbers
  • email addresses
  • Medicare numbers

In select cases, a significant amount of customers will also have had their passport numbers and health claims data leaked.

More recently, failure to meet the unknown ransom has seen the hackers move to release the stolen data on the dark web, with threats to continue to do so over the coming days.

The Medibank cyberattack follows a recent Optus data breach, again highlighting the importance of protecting our identity online.

If you’re concerned your data has been stolen, you can visit Medibank’s cyber event updates and support page or contact the following hotlines:

  • 13 23 31 (Medibank customers)
  • 13 42 46 (ahm customers)

Have you woken up to a locked Velocity Frequent Flyer account today?

While you’re here: Subscribe to our newsletter for the latest tips, deals and news. It only takes a few seconds and we respect your privacy:

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top