The hackers behind the Medibank cyberattack released more sensitive customer data relating to mental health treatment.
The file was posted on the dark web on Monday, where the hackers previously released data from Australia’s largest private insurer.
WATCH VIDEO ABOVE: Hacking of Medibank data escalates.
Watch the latest news on Channel 7 or stream for free on 7plus >>
It includes 500 records of people who have been diagnosed with mental illness, among other medical conditions.
The Russian criminals said they did not plan to release any more information until Friday and would closely follow Medibank’s shareholders’ meeting on Wednesday.
“There are (sic) other records everyone should know about,” the hackers wrote in an update.
“We will announce the next part of the data we release on Friday (sic), completely bypassing this week in hopes that something significant happened on Wednesday.”
Medibank Chief Executive David Koczkar apologized for posting the sensitive information.
“We will continue to support everyone who has been impacted by this crime through our Cyber Response Support Program,” he said.
“This includes mental health and wellbeing support, identity protection and financial hardship measures.”
A number of health and community organizations have called on major social media outlets to remove posts that share sensitive information.
Meanwhile, Medibank could face a data breach lawsuit.
Law firm Maurice Blackburn has confirmed that it is examining whether customers affected by the hack may be entitled to compensation.
The firm’s lead solicitor, Andrew Watson, said the data breach was one of the worst seen in Australia.
“Companies that hold their customers’ sensitive health information have an important obligation to ensure the information is protected, depending on the sensitivity of that data,” he said.
“Medibank has an increased responsibility to put in place greater safeguards to secure the personal and medical information it has collected from its customers.”
Data including names, phone numbers, health insurance numbers and sensitive health information was taken by the hackers during the breach.
As the government seeks solutions to improve cybersecurity laws, Home Secretary Clare O’Neil has warned that it may soon be illegal for companies to pay ransom demands to hackers in the event of data breach.
“The way we look at the task of reform…is a bunch of quick wins, things we can do quickly, and defending the new police operation is one of them,” O’Neil told ABC’s Insiders. on Sunday.
Federal police confirmed last week that Russian hackers were behind the attack.
A permanent 100-officer cybercrime operation targeting hackers will be led by AFP and the Australian Directorate of Signals.
“We will offensively find these people, hunt them down and weaken them before they can attack our country,” O’Neil said.