Medibank hackers reveal ransom ‘discount’ as sensitive medical details released

Medibank ransom details revealed

The hackers allegedly behind the theft of Medibank data linked to 9.7 million customers have revealed they allegedly demanded a $1 per customer ransom from the health insurer.

In a chilling message posted on the dark web overnight, the ransomware group also claimed it had released sensitive details of customers’ medical procedures.

“Added one more file abortions.csv …,” the post said.

“Society ask us about ransom, it’s a 10 millions usd. We can make discount 9.7m 1$=1 customer.”

The group began releasing Medibank data on the dark web in the early hours of Wednesday morning under “good-list” and “naughty-list”.

The first wave included names, birthdates, addresses, email addresses, phone numbers, health claims information, Medicare numbers for Medibank’s ahm customers and passport numbers for international student clients.

“The files appear to be a sample of the data that we earlier determined was accessed by the criminal,” Medibank confirmed on Wednesday.

“We expect the criminal to continue to release files on the dark web.”

Medibank revealed earlier this week it had rejected hacker demands it pay a ransom in return for the data not being released.

Asked what people should do if they were contacted by someone claiming to have sensitive information about them, federal minister Annika Wells reiterated the government’s advice was not to pay ransoms.

“You do not pay the ransom,” she told Nine Network on Thursday.

“You’re making the assumption that that is true and what we’re saying is that may not necessarily be the case – plenty of scumbags out there are going to try and make the most of this situation.”

Medibank had warned more customer data would be uploaded to the dark web, which is what appears to have happened in the early hours of Thursday.

Australian Federal Police are ramping up efforts to catch those behind the huge data breach.

Operation Guardian, which was set up to tackle the recent Optus hack, is being expanded to investigate the Medibank data theft.

“Of course we are worried, and that’s why we have Operation Guardian in place working with state and territory police to identify members of the community who are at risk to identity fraud,” AFP Assistant Commissioner Cyber Command Justine Gough said.

“If members of the community feel they are at imminent risk they should contact triple zero immediately.”

Cyber Security Minister Clare O’Neil told parliament on Wednesday the government had been preparing for the data to be published for a number of weeks.

“The actions of the national coordination mechanism to prepare for what is taking place are extensive,” she said.

“It includes placing protective security around government data, state police working with affected individuals, the organisation of mental health support and counselling and putting in place management plans around people who have some very specific vulnerabilities.”

Ms O’Neil called on social media companies in particular to ensure their platforms aren’t used to publish stolen information.

“If you do so, you will be aiding and abetting the scumbags who were at the heart of these criminal acts, and I know you would not do that to your own country and its citizens,” she said.

Medibank has confirmed details of almost 500,000 health claims have been stolen, along with personal information, after the unnamed group hacked into its system weeks ago.

No credit card or banking details were accessed.


Stay informed, daily
A FREE subscription to The New Daily arrives every morning and evening.
The New Daily is a trusted source of national news and information and is provided free for all Australians. Read our editorial charter
Copyright © 2024 The New Daily.
All rights reserved.