SYDNEY (AFP) – Hackers yesterday demanded $10 million to stop leaking highly sensitive documents stolen from a major Australian healthcare company as they uploaded yet more intimate customer details.
Medibank, Australia’s largest private health insurer, confirmed this week that hackers had accessed the information of 9.7 million current and former customers, including Prime Minister Anthony Albanese.
Hackers uploaded a second batch of files to a dark web forum yesterday, with more sensitive details of hundreds of Medibank customers. The early leaks appear to have been selected to cause maximum harm: target those who have received treatment related to drug addiction, sexually transmitted infections or pregnancy terminations.
“Added another abortions.csv file,” the anonymous hackers wrote on the forum, before detailing their ransom threat.
“The company is asking us for a ransom, it’s 10 million dollars. We can make discounts… 1 USD = 1 customer.
Medibank repeatedly refused to pay the ransom.
The Medibank hack – and a previous data breach affecting nine million customers of telecoms company Optus – have raised questions about Australia’s ability to fend off cybercriminals.
Dennis Desmond, a former FBI agent and US Defense Intelligence Agency officer, said Australia was no worse “than any other high-value target or western country”.
“It’s very unfortunate, but I don’t think Australia is more vulnerable than any other developed western country,” he said. AFP.
Desmond said for-profit hackers were unlikely to target a specific country – and were generally more interested in targeting companies with valuable data.
“These are the types of data that these hackers are most interested in,” he said.
“Health data is a huge target and personally identifiable data is of great value.
“Generally, profit and greed are the main drivers.”
The Medibank hack will likely include data on some of the most influential and wealthy people in the country.
Medibank chief executive David Koczkar condemned the “shameful” extortion tactics.
“Weaponizing people’s private information for the purpose of extorting payment is malicious and an attack on the most vulnerable members of our community.”
The group behind the attack appears to be pressuring Medibank by searching the records for the most potentially damaging personal information.
The first recordings posted on the dark web forum have been separated into “naughty” and “nice” lists.
Some people on the “bad guys” list had number codes that seemed to link them to drug addiction, alcohol abuse and HIV infection.