The hacking syndicate behind the Medibank cyberattack has followed through on its threat to release the personal details of nearly 10 million Medibank customers after the company refused to pay the ransom.
Personal data, including names, addresses, dates of birth, phone numbers, email addresses, Medicare numbers for ahm health insurance customers, some passport numbers for international students, and some health claim data has been put onto the dark web. But credit card or banking details were not breached, Medibank said.
The hacker group started releasing the files from midnight on Nov. 9 after the deadline for paying the ransom passed.
Medibank said they appeared to be a “sample of the data that we earlier determined was accessed by the criminals” and expected the hackers to continue releasing files onto the dark web.
The criminals allegedly announced that, in hindsight, the data was stored in a format that was “not very understandable.”
“We’ll continue posting data partially, need some time to do it pretty,” they said.
The Australian government, including the Australian Cyber Security Centre and the federal police, are working with Medibank.
All Advice Points to Not Paying Ransom
Medibank told customers on Monday that they had decided against paying the ransom because it could encourage the criminal to carry out further crimes.“In fact, paying could have the opposite effect and encourage the criminal to directly extort our customers, and there is a strong chance that paying puts more people in harm’s way by making Australia a bigger target.”
Assistant Treasurer Stephen Jones backed the decision and condemned the hackers.
“They’re scumbags, they’re crooks, they’re criminals and we shouldn’t be paying ransom,” he told Sky News Australia.
“We shouldn’t be giving in to these fraudsters. The moment we fold, it sends a green light to scumbags like them throughout the world that Australia is a soft target. We cannot give in, and we won’t give in.”
Cyber Security Minister Clare O’Neil also backed the decision and said Medibank’s actions were consistent with government advice.
The company confirmed that the cyberattack had affected 9.7 million current and former customers, including around 5.1 million Medibank customers, 2.8 million ahm health insurance customers, and 1.8 million international customers.
Originally designed to deal with the pandemic, the mechanism allows the government to bring together agencies across the Australian government, states and territories, and the private sector to help coordinate responses to crises.
