Russian Medibank hackers follow through with their threat and start posting private health data online as they demand another ransom
- Medibank hackers threatened on Tuesday they would release private details
- The health giant said on Monday it had refused to pay the ransom to the hackers
- Australians’ private health data was posted online early Wednesday by the group
<!–
<!–
<!–<!–
<!–
(function (src, d, tag){ var s = d.createElement(tag), prev = d.getElementsByTagName(tag)[0]; s.src = src; prev.parentNode.insertBefore(s, prev); }(“https://www.dailymail.co.uk/static/gunther/1.17.0/async_bundle–.js”, document, “script”));
<!– DM.loadCSS(“https://www.dailymail.co.uk/static/gunther/gunther-2159/video_bundle–.css”);
<!–
A ransomware group has begun posting client data stolen from Australia’s largest health insurer on the dark web.
Hundreds of names, addresses, birthdates and Medicare details were being posted under ‘good-list’ and ‘naughty-list’ on a blog belonging to the group.
The hackers had demanded a ransom to stop them from releasing the data, but Medibank earlier this week said it would not pay it because it would encourage further crime.
Shortly after midnight, the group posted the first lists.
‘Looking back that data is stored not very understandable format (table dumps) we’ll take some time to sort it out,’ they said in the early hours of Wednesday.
‘We’ll continue posting data partially, need some time to do it pretty.’
Hundreds of names, addresses, birthdates and Medicare details were being posted under ‘good-list’ and ‘naughty-list’ on a blog belonging to the group.
The hackers also appeared to have revealed screenshots of private messages recently exchanged between themselves and Medibank representatives.
Medibank has previously confirmed almost 500,000 health claims were stolen by the hackers, along with personal information, when the unnamed group hacked into its system weeks ago.
Some 9.7 million current and former customers have been affected.
No credit card or banking details were accessed.
Read Related Also: Colorado baker challenges ruling against him after he declined to bake a gender transition cake
On Tuesday, the ransomware group posted to its blog that ‘data will be publish (sic) in 24 hours’.
‘P.S. I recommend to sell (sic) medibank stocks.’
The hackers posted a bizarre meme (pictured) as they threatened to release the personal data of millions of Australia in 24 hours unless Medibank pays up
Medibank apologised again to clients past and present on Tuesday. It advised customers to be alert for any phishing scams via phone, post or email.
‘We knew the publication of data online by the criminal could be a possibility but the criminal’s threat is still a distressing development for our customers,’ CEO David Koczkar said on Tuesday.
Home Affairs Minister Clare O’Neil said Medibank’s decision not to pay a ransom to cyber criminals was in line with government advice.
Medibank is certainly not alone in refusing to pay a ransom demand, with a recent report finding 19 per cent of Australian companies responded to ransomware attacks by paying the fee.
Medibank has repeatedly apologised to clients past and present but said it would not pay the ransom
Mimecast’s 2022 State of Ransomware Readiness report found 20 per cent of companies were asked to pay between $500,000 and $999,999 for their information
Some 13 per cent of the businesses surveyed said the total cost of the ransomware attacks they’d experienced was between $1 million and $2 million.
At a Senate estimates hearing on Tuesday, Australian Federal Police commissioner Reece Kershaw told businesses to make sure they contact authorities as early as possible if they suspect a possible data breach.
With the FBI now helping the AFP track down those behind the Medibank and Optus data breaches, Mr Kershaw said investigating would be long and complex.
‘The longer it takes relevant agencies to be informed, the harder it is for perpetrators to be identified, disrupted or brought to justice,’ he told senators.
Advertisement
