Medibank hack: Russian hackers’ list information of Australians with drug and alcohol addictions

[ad_1]

Russian hackers have begun leaking the private data of Medibank customers – starting with Australians who are HIV-positive, battling drug and alcohol addictions and suffering mental health problems.

The cyber attack was launched on Australia’s largest private health insurer last month, putting the sensitive personal information of its 9.7million current and former customers at risk.

Hackers demanded on Tuesday that Medibank pay a ransom in 24 hours or risk having their clients’ personal information released. Medibank rejected paying the ransom.

The group posted a ‘naughty-list’ file on the dark web Wednesday morning that contained more than 100 patients who have been treated for alcohol abuse, cannabis, cocaine or opioid addiction, HIV and mental health issues.

Medibank hack: Russian hackers’ list information of Australians with drug and alcohol addictions

The private data of Medibank customers battling alcohol and drug addiction was leaked by hackers onto the dark web on Wednesday morning (stock image)

That data on the naughty list also included patient names, personal addresses, birth dates and health insurance details.

A ‘good-list’ was also published on the dark web that featured the same private information of other Medibank customers. 

Wednesday’s data dump contained the personal information of 198 patients in total. 

Whatsapp messages between the group and CEO David Koczkar were also released.

‘HI! As your team is quite shy, we decided to make the first step in our negotiation,’ they reportedly wrote on October 18. 

Screenshots released by the hackers, known as Blogxx or REvil, have shown an alleged response from Medibank.

It said: ‘Hello. We received your message. We want to talk with you, but need to be sure you’re the person who says they have our data. 

See also  Westpac warns of an 18 per cent plunge in house prices with MORE interest rate rises expected

‘Can you tell us all the addresses and phone numbers you sent messages to?’

More than 100 Medibank patients battling addiction had their information leaked on a 'naught-list' file. The leak included their names, addresses and birth dates

More than 100 Medibank patients battling addiction had their information leaked on a ‘naught-list’ file. The leak included their names, addresses and birth dates

The hackers had demanded a ransom to stop them from releasing the data, but Medibank earlier this week said it would not pay it (stock image)

The hackers had demanded a ransom to stop them from releasing the data, but Medibank earlier this week said it would not pay it (stock image)

The hackers responded saying ‘OK, we wait.’

According to the screenshots, Medibank later replied that ‘After considering all options, we have made a decision that we cannot pay your demand.

‘It is also Australian government policy that ransoms should not be paid. We understand the impact this may have.’

Medibank has promised to tell customers what data it believes has been stolen, if any of their data is included in the files on the dark web and give advice on what to do. 

‘The files appear to be a sample of the data that we earlier determined was accessed by the criminal,’ the company said on Wednesday.

The hackers are expected  to continue leaking the private information of more Medibank customers over the coming days.

Pictured is a message purportedly sent from Medibank to the hackers that stole its data

Pictured is a message purportedly sent from Medibank to the hackers that stole its data

Medibank's supposed response to Russian hackers saying it would not pay the ransom is pictured

Medibank’s supposed response to Russian hackers saying it would not pay the ransom is pictured

Pictured is important advice for people affected by the Medibank and AHM data hacks

Pictured is important advice for people affected by the Medibank and AHM data hacks

Prime Minister Anthony Albanese said government security agencies are working with Medibank following the latest leak. 

See also  David Walliams cuts a dapper figure as he gives a reading at the Guide Dogs Christmas Concert

He is one of the customers affected by the leak. 

‘The company has followed the guidelines effectively, the advice, which is to not engage in a ransom payment,’ Mr Albanese said.

Former tennis champion and Channel 9 broadcaster Todd Woodbridge is one of those who have been targeted.

The 51-year-old, who suffered a mild heart attack last month, got five calls in a row from the same number yesterday.

‘They ended up leaving me a message and the message was that I had bills to pay from the hospital stay that I had,’ he told Heidi Murphy on 3AW. 

‘They knew the hospital that I had stayed in and they wanted me to ring back and give me an account number and wanted me to pay over the phone.’

Prime Minister Anthony Albanese (pictured), who is one of the customers affected by the leak, said government security agencies were working with the health insurer

Prime Minister Anthony Albanese (pictured), who is one of the customers affected by the leak, said government security agencies were working with the health insurer

Medibank has repeatedly apologised to clients past and present but said it would not pay the ransom

Medibank has repeatedly apologised to clients past and present but said it would not pay the ransom

The Australian Federal Police has expanded its joint initiative with state and territory police set up to investigate September’s Optus data breach to also target the Medibank hack.

‘Operation Guardian will be actively monitoring the clear, dark and deep web for the sale and distribution of Medibank Private and Optus data,’ AFP Assistant Commissioner Cyber Command Justine Gough said.

‘This is not just an attack on an Australian business. 

‘Law enforcement agencies across the globe know this a crime type that is borderless and requires evidence and capabilities to be shared.’

See also  US Supreme Court strikes down New York law restricting concealed carry licenses

Medibank apologised again to clients past and present. It advised customers to be alert for any phishing scams via phone, post or email.

Medibank data hack timeline

October 13: Medibank took the data and policy systems of its budget provider, AHM, and its international student division offline after a ‘cyber incident’  

October 14: Medibank said it had restored its systems and said it was ‘still responding’ to the incident

October 19: The company disclosed to the Australian stock exchange that hackers had contacted it to ‘negotiate’ over 200 gigabytes of customer data stolen from Medibank’s systems 

October 26: Medibank confirmed the hackers behind its ‘devastating’ data breach managed to access all of its customers’ private health records 

October 27: It emerged that Medibank faced costs of up to $30million after it was revealed it had no insurance to protect itself from a cyber attack

November 8: The hackers threatened to expose the personal data of millions of Australians unless Medibank paid up within 24 hours. The company refused to pay, saying ‘you just can’t trust a criminal’

November 9: The ransomware group began posting client data stolen from Australia’s largest health insurer on the dark web

[ad_2]

Source link