Medibank Hackers Release More Australian Data

Medibank Hackers Release More Australian Data
A woman walks past a ‘medibank’ shopfront in Canberra, Australia, on Oct. 20, 2022. (AAP Image/Lukas Coch)
AAP
By AAP
11/20/2022
Updated:
11/20/2022

The Russian cybercriminals behind the cyber attack against Australia’s largest health insurer Medibank have been branded “grubs” after releasing more stolen data as they continue to play games with the customers of the nation’s biggest health insurer.

The ransomware group dumped a fifth tranche of customer-sensitive information on the dark web overnight after the company refused earlier this month to pay a $A15 million ($US10 million) ransom to get it back.

“Added more files psycho.csv, hiv.csv, viral_hepatitis.csv, std.csv, ....”, they said in a post on Sunday seen by AAP.

It’s believed the latter files do not carry information on sexually transmitted disease treatments and is another example of the hackers trying to spread fear.

Australia’s Treasurer Jim Chalmers said the hacking group’s behaviour was despicable.

“These people are complete grubs - pure and simple,” he said on Sunday in Brisbane.

“We’ve all got an interest in stamping out this despicable, despicable, grubby act of the kind that we’ve seen overnight.”

Medibank said the data comprised four files containing 1496 records and noted 123 records were from the previous files released. As well, 375 of the records do not match.

“We are conducting further analysis on the files today to determine their accuracy. Previous files released have not matched our records,” it said.

Medibank confirmed there was information on chronic conditions such as heart disease, diabetes and asthma, people with cancer and people with mental health conditions, including delirium, and other conditions.

“Again, I unreservedly apologise to our customers,” Medibank CEO David Koczkar said in a statement.

He warned there were real people behind the data.

“Anyone who downloads this data from the dark web, which is more complicated than searching for information in a public internet forum and attempts to profit from it is committing a crime,” Koczkar said.

Medibank also reminded customers impacted by the data theft they can get help through its Cyber Response Support Program.

This includes mental health and wellbeing support, identity protection and financial hardship measures.

“We remain committed to fully and transparently communicating with customers and we will continue to contact customers whose data has been released on the dark web,” Koczkar said.

The hackers had not posted any new files since November 13, when they announced they were bypassing a week “in a hope something meaningful happens” in terms of their ransom demands.

Last week at Medibank’s annual meeting in Melbourne, its executives stood by the decision not to pay the ransom to the hackers, saying it would only encourage other criminals and more hacks.

Medibank also increased its customer support team by more than 300 people.

Australian Federal Police are investigating the hack.