Medibank hackers publish stolen customer data on dark web

Share

Medibank hackers have released the first batch of the stolen data into the dark web, all the while revealing that they demanded a “discount” ransom of $US1 per customer data in return for not publishing the information. 

The group began releasing Medibank data on the dark web in the early hours of Wednesday morning under “good-list” and “naughty-list”. 

The first wave included names, birthdates, addresses, email addresses, phone numbers, health claims information, Medicare numbers for Medibank’s ahm customers and passport numbers for international student clients. 

Aside from this, the ransomware group also claimed it had released sensitive details of customers’ medical procedures. 

“Added one more file abortions.csv …,” the post said. 

“Society ask us about ransom, it’s a 10 million USD. We can make discount 9.7m 1$=1 customer.” 

Medibank confirmed that the released files appear to be a sample of the data that was earlier determined to be accessed by the criminal. 

The health insurer warned that more customer data would be uploaded to the dark web, as it had rejected hackers’ demands to pay a ransom in return for the data not being released. 

People whose highly sensitive health information was stolen and posted on the dark web will get the support they need, Australian Information Commissioner and Privacy Commissioner Angelene Falk said. 

“These acts are abhorrent. To post Australians’ sensitive health information on the dark web is very concerning,” she said. 

“Right now, we need to support affected individuals.” 

Medibank has set up links to mental health services on its website. 

Check out: ACSC addresses rising trends in latest Cyber Threat Report

Federal Minister for Aged Care and Sport Annika Wells reiterated government’s advice not to pay ransoms and make a police report. 

“You do not pay the ransom,” she said. 

“You’re making the assumption that that is true and what we’re saying is that may not necessarily be the case – plenty of scumbags out there are going to try and make the most of this situation.” 

Opposition cyber security spokesman James Paterson said there was no doubt affected Medibank customers will be very distressed. 

“Unfortunately … this is the worst-case scenario,” he said, adding that companies need to take hacking threats seriously. 

“If after Optus and Medibank they’re not taking it seriously, they need their heads read.” 

Australian Federal Police are ramping up efforts to catch the Medibank hackers and are coordinating with state and territory police to support people at risk of identity fraud. 

Operation Guardian, which was set up to tackle the recent Optus hack, is being expanded to investigate the Medibank data theft. 

“If members of the community feel they are at imminent risk they should contact triple zero immediately,” AFP Assistant Commissioner Cyber Command Justine Gough said. 

Medibank has confirmed details of almost 500,000 health claims have been stolen, along with personal information, after the unnamed group hacked into its system weeks ago. 

No credit card or banking details were accessed. 

With AAP