menu

Australia's Medibank warns that hacker may release more data

By
Reuters

November 09, 2022

An illuminated sign is seen outside a branch of the Australian health insurer Medibank Private in Sydney October 20, 2014.— Reuters
An illuminated sign is seen outside a branch of the Australian health insurer Medibank Private in Sydney October 20, 2014.— Reuters 

  • Medibank is Australia's biggest health insurer.
  • Says some personal details posted on dark web.
  • Customers urged to be on high alert for extortion attempts.

SYDNEY: Australia's biggest health insurer Medibank, recently hit by a massive cyber hack, said on Wednesday the hacker could release more stolen data after the company refused to make ransom payments.

Some names, addresses, phone numbers, email addresses, passport numbers of international students and health claims data stolen from Medibank's systems have already been released on a dark web forum, the company said in a statement.

"We expect the criminal to continue to release files on the dark web," it added.

Local media has reported the stolen data was posted on a blog linked to ransomware crime group REvil, which some experts say has links to Russia.

Prime Minister Anthony Albanese said his government was working with investigators on the cyber hack, the latest in a string of data breaches which have rocked corporate Australia.

"This is really tough for people. I'm a Medibank private customer as well, and it will be of concern that some of this information has been put out there," Albanese said during a media briefing.

It was not immediately clear whether the hacker has access to the prime minister's medical or personal details.

Data of around 9.7 million current and former customers were compromised, Medibank has said.

Medibank shares have plunged 22% since the hack was revealed by the company on Oct. 13. Shares were up nearly 2% in late morning trade on Wednesday.

Medibank's decision not to pay a ransom is consistent with the government's advice, Federal Cyber Security Minister Clare O'Neil said in a statement on Wednesday. She urged impacted customers to be on high alert for extortion attempts.

Medibank Chief Executive David Koczkar described the incident as "a criminal act" on Wednesday.

Australia has seen a spike in cyber attacks with at least eight companies, including Singapore Telecommunications-owned telecoms company Optus, reporting breaches since September.

Technology experts have said Australia has become a target for hackers just as a skills shortage leaves an understaffed, overworked cybersecurity workforce ill-equipped to stop attacks.

More From World:

Atlantic City mayor, wife 'abused, assaulted' their daughter

Atlantic City mayor, wife 'abused, assaulted' their daughter
Donald Trump's son Barron to graduate next month but his dad might miss out

Donald Trump's son Barron to graduate next month but his dad might miss out
How Melania Trump feels about Donald Trump's hush money case?

How Melania Trump feels about Donald Trump's hush money case?
What is starting time of Donald Trump's hush money trial in New York?

What is starting time of Donald Trump's hush money trial in New York?
Multiple stabbed in Sydney days after shopping mall massacre

Multiple stabbed in Sydney days after shopping mall massacre
Chris Sununu defends his sudden support for Donald Trump

Chris Sununu defends his sudden support for Donald Trump
Saudi Arabia's Hajj Ministry makes major announcement about Umrah visa

Saudi Arabia's Hajj Ministry makes major announcement about Umrah visa
People urged to 'shower as a couple' as Colombia faces water crisis

People urged to 'shower as a couple' as Colombia faces water crisis