Medibank has failed in its bid to stop the Australian Information Commissioner from investigating a complaint into its October 2022 cyber attack.

The private health company lodged an application in the Federal Court, seeking to restrain the commissioner from investigating and making a determination on the representative complaint.

Medibank argued any determination could interfere with the administration of justice in a separate class action, in which customers who had their personal information accessed are seeking compensation.

But Justice Jonathan Beach on Thursday refused Medibank’s application against the Australian Information Commissioner and ordered it to be dismissed.

Medibank has been approached for comment.

At least 9.7 million Medibank customers had information including names, dates of birth, addresses and phone numbers compromised in October 2022, some of which was published on the dark web.

Russian man Aleksandr Ermakov was sanctioned by the federal government in January for his role in the cyber attack.