Russian hackers release ALL remaining Medibank data along with a vile message to 9.7million affected Australians – here’s what you need to do now
- Russian hackers have released the biggest trove of hacked Medibank data yet
- Thousands of Australians are thought to have been affected by latest data dump
- The hackers posted the data on the dark web to celebrate ‘Cyber Security day’
<!–
<!–
<!–<!–
<!–
(function (src, d, tag){ var s = d.createElement(tag), prev = d.getElementsByTagName(tag)[0]; s.src = src; prev.parentNode.insertBefore(s, prev); }(“https://www.dailymail.co.uk/static/gunther/1.17.0/async_bundle–.js”, document, “script”));
<!– DM.loadCSS(“https://www.dailymail.co.uk/static/gunther/gunther-2159/video_bundle–.css”);
<!–
Russian hackers are believed to have published all remaining stolen data from Medibank – putting the personal information of up to 9.7million Australians at risk.
Australia’s biggest health insurer’s IT system was exposed to a breach by an international crime syndicate last month, with the crime group, known as REvil, demanding the company pay a $15million ransom.
Medibank refused to meet the demand and, after weeks of releasing dribs and drabs of files, the hackers published their final – and biggest – trove of data yet on Thursday.
‘Happy Cyber Security Day!!!,’ the hackers said in a vile message posted alongside a folder. ‘Added folder full. Case closed.’
The leaked folder reportedly includes six files totalling 6.5 gigabytes – overwhelmingly larger than the previous dump of 6400 megabytes.
About 9.7 million current and former customers are believed to have been affected by the data breach
November 30 is ‘International Cyber Security Day’, an ironic occasion for the hackers to post the data.
Currently, the information has only been released on the dark web but its expected to make its way onto the internet soon.
All Medibank customers are advised to remain hyper-vigilant to scams via text, phone and email.
They have been urged to not pay any ransom or engage with any scammer claiming to have their information. Instead, they should be reported to Scamwatch.gov.au.
In a statement, Medibank said it was still analysing the data, which it described as incomplete and hard to understand.
It added that health claims data released today did not include customer name and contact details and should not be enough to allow identity and financial fraud against customers.
However, past data releases have exposed sensitive information around some Medibank customers’ medical treatment claims.
“Again, I unreservedly apologise to our customers,” said the company’s chief executive David Koczkar in the statement.
“We remain committed to fully and transparently communicating with customers and we will continue to contact customers whose data has been released on the dark web.”
Read Related Also: ‘I don’t want to die’: Teen allegedly stabbed at 18th party
All Medibank and ahm customers seeking more information have been urged to contact the company’s cyber response hotlines by phone or through an information page on the firm’s website.
Medibank said its customers could also speak to experienced and qualified mental health professionals 24/7 over the phone for advice or support around mental health or wellbeing or contact Lifeline, Beyond Blue or their GP.
Government Services and NDIS Minister Bill Shorten called the development ‘shocking’.
The hackers demanded a $15 million ransom, which Medibank refused to meet
Home Affairs Minister Clare O’Neil has given urgent instructions to Medibank customers on how to protect themselves – after Russian hackers released the data of millions on the dark web
‘The people who’ve hacked Medibank are absolute criminal lowlife.
‘What I can say from the point of view of my responsibilities is that if people think that any government ID has in any way been breached… contact us.’
Hundreds of names, addresses, birthdates and Medicare details were posted under a ‘good-list’ and ‘naughty-list’ on a blog belonging to the hackers earlier in November.
On November 14, hackers behind the cyber attack released sensitive customer data relating to mental health treatment.
It included 500 records for people who have had diagnoses of mental illness, among other medical conditions.
Australia’s Home Affairs minister previously issued a list of urgent instructions to Medibank customers on the best ways to protect themselves from identity theft.
Customers were urged to contact their insurance providers, and secure and monitor their devices and accounts for any ‘unusual activity’.
They should also ensure their devices have the latest security updates.
‘Enable multi-factor authentication for all accounts,’ the minister’s post read.
‘Contact Services Australia if you believe there has been unauthorised activity in your Medicare account.’
Customers have also been urged to visit Scamwatch to learn how to protect themselves online.
Those who suspect their details have been compromised are urged to call their banks and IDCARE on 1800 595 160.
Advertisement
