Medibank has revealed private medical details of customers who use its flagship brand have been obtained in the recent major data breach.

It’s believed the stolen data includes names, addresses, birth dates, Medicare numbers and contact information.

The health insurer initially thought its budget arm AHM and information on some international students had been compromised.

But Medibank has confirmed that the company has received a file from the hacker with 1000 AHM policy records, including personal and health data, as well as files which contain some Medibank, AHM and international student customer data.

In a statement, Medibank says it was a “distressing development” and the company apologised to customers.

“As we continue to uncover the breadth and gravity of this crime, we recognise that these developments will be distressing for our customers, our people and the community – as it is to me,” CEO David Koczkar said.

“This is a malicious attack that has been committed by criminals with a view of causing maximum fear and damage, especially to the most vulnerable members of our community.”

Sofie Formica gave more details on a report the company had reached out to customers who had passed away.

Press PLAY below to hear her explain the latest in the cyber hack

Tech expert Geoff Quattromani told 3AW radio the 1,000 records obtained by the hacker is just the tip of the iceberg.

“We’re talking around 3.9 million people that could be impacted by this,” Mr Quattromani said.