Hackers’ chilling warning
Medibank data released, ‘more to come’
THE hackers behind the devastating Medibank data breach have released a new cache of personal data related to customers’ mental health treatment on the dark web.
On Sunday night, the group posted the stolen file to the dark web blog which contained hundreds of claims from policyholders related to chronic conditions and mental illnesses. “There is (sic) some more records for everybody to know,” the hackers wrote in a blog update.
“We’ll announce, that next portion of data we’ll publish at Friday, bypassing this week completely in a (sic) hope something meaningful happened (sic) on Wednesday.”
Medibank confirmed 500 records were included in the list, including 46 records from previous lists of released personal data.
It’s the fourth data dump since the cyber attackers began ransoming personal information for a $15m payout.
The hackers noted they would not have posted the revealing data if the ransom had been paid.
Previous data releases have contained personal data related to sensitive topics including termination of pregnancies and medical conditions related to the harmful use of alcohol.
Hackers have now leaked 1200 private records since last Wednesday.
More than 9.7 million Australians had their personal data stolen last month after the credentials of a high-level Medibank employee were obtained and sold to hackers via a cybercriminal forum.
Medibank CEO David Koczkar said the Australian Federal Police will take “swift action” against criminals who attempt to profit from the stolen data. “Anyone who downloads this data from the dark web – which is more complicated than searching for information in a public internet forum – and attempts to profit from it is committing a crime,” he said.
The Medibank boss said the health insurer was working closely with police to prevent the misuse of the information.
“Our focus remains resolutely on doing everything we can to make sure our customers are supported during this difficult time,” he said.
“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care.”
Medibank will be contacting all customers affected by the massive breach, but Mr Koczkar urged customers to reach out for support from the company’s mental health and cybercrime hotlines.
The new leak comes just days before the Medibank boss is due to face the company’s shareholders for the annual general meeting on Wednesday.
The AGM is sure to be a fiery confrontation, as affected customers eye a potential class action lawsuit.
Over the weekend, the federal government announced the establishment of a joint standing operation to combat hacker groups. Federal police believe the cyber criminals are based in Russia.