[ad_1]
The hackers behind the Medibank data theft have thumbed their noses at the federal government after being warned the ‘smartest and toughest’ people in Australia are coming after them.
The ransomware group allegedly behind the hack overnight claimed they had released more sensitive details of customers’ medical records on the dark web.
‘Added one more file Boozy.csv …,’ they wrote in a blog update in the early hours of Friday.
The file, which appears to be related to mental health and alcohol issues, comes after a data dump on Thursday named ‘abortions.csv’.
‘You telling that is disgusting (woof-woof), that we publish some data,’ they wrote on Friday in the blog seen by AAP.
‘But we warned you. we always keep our word, if we wouldn’t receive a ransom – we should post this data, because nobody will believe us in the future.’
The group claimed on Thursday it had demanded a ransom of $US1 for each of Medibank’s 9.7 million affected customers, for a total of $US9.7 million (almost $15million).
The hackers had demanded a ransom to stop them from releasing the data, but Medibank earlier this week said it would not pay it. Pictured is a stock image of a hacker
Pictured is important advice for people affected by the Medibank and AHM data hacks
Home Affairs Minister Clare O’Neil told parliament the government was standing by Medibank customers, who were entitled to have their information kept private after the ‘morally reprehensible and criminal’ attack.
‘I want the scumbags behind this attack to know that the smartest and toughest people in this country are coming after you,’ she said.
The minister spoke with Medibank chief executive David Koczkar twice on Thursday to ‘make clear’ what was expected of Australia’s biggest health insurer and to ensure customers were adequately supported.
‘I don’t want Australians to have to circulate 14 government departments or areas of Medibank in order to get what they deserve and need,’ Ms O’Neil said.
‘I received the assurance from Medibank … that if a large data dump occurs, they are fully ready to provide services when and if they are needed to Australians who need them.’
Medibank was first asked to pay a ransom on October 25, after the alleged hackers warned they would ‘do everything in our power to inflict as much damage as possible for you, both financial and reputational’.Â
Negotiations broke down on November 2, before Medibank outright refused to pay a ransom three days later.Â
Former tennis champion and Channel 9 broadcaster Todd Woodbridge (pictured with his wife Natasha) is one of those who have been targeted by the Medibank data breach
On Wednesday, November 9, the first wave of files were dropped and included names, birthdates, addresses, email addresses, phone numbers, health claims information, Medicare numbers for Medibank’s ahm customers, and passport numbers for international student clients.
A ‘naughty-list’ file contained the name, personal addresses, birth dates and health insurance details of more than 100 patients who have been treated for alcohol abuse, cannabis, cocaine or opioid addictions and mental health issues.
Former tennis champion and Channel 9 broadcaster Todd Woodbridge is one of those who have been targeted.
The 51-year-old, who suffered a mild heart attack last month, got five calls in a row from the same number earlier this week.
‘They ended up leaving me a message and the message was that I had bills to pay from the hospital stay that I had,’ he told Heidi Murphy on 3AW.
‘They knew the hospital that I had stayed in and they wanted me to ring back and give me an account number and wanted me to pay over the phone.
Medibank has repeatedly apologised to clients past and present but said it would not pay the ransom
Medibank has confirmed details of almost 500,000 health claims have been stolen, along with personal information, after the group hacked into its system last month.
No credit card or banking details were accessed.
Mr Koczkar said the data release was disgraceful and malicious and could discourage people from seeking medical care.
Australian Federal Police investigators are working with international agencies, as well as state and territory police.
Opposition cyber security spokesman James Paterson said anyone who is contacted by a person purporting to have access to their data should immediately report it to authorities.
Senator Paterson has proposed a ‘safe harbour’ provision – involving the nation’s cyber security agency, the Australian Signals Directorate, to give companies time in the immediate aftermath of an attack to respond to the crisis without worrying about legal and privacy ramifications.
The hackers appeared to have revealed screenshots of private messages recently exchanged between themselves and Medibank representatives
Hundreds of names, addresses, birthdates and Medicare details were being posted under ‘good-list’ and ‘naughty-list’ on a blog belonging to the group
The hackers posted a bizarre meme (pictured) as they threatened to release the personal data of millions of Australia in 24 hours unless Medibank pays upÂ
[ad_2]
Source link
