Hackers release flood of information about Medibank customers


The personal and medical information of millions of Australians appears to be accessible online, after the group behind the Medibank hack released a flood of sensitive customer data on Wednesday.

Experts had previously suggested the hackers, who claim to be a Russian group that makes its fortune by ransoming the information it steals, were pursuing a slow release strategy after just 200 customer records were released on Wednesday morning.

But a few hours later The new daily saw that hundreds of files totaling over 2.5 gigabytes of information were available for download via the band’s dark web blog. The blog has become a forum to taunt the health insurer – Australia’s largest – and the victims of the hack.

A massive chunk of data included customers’ phone numbers, addresses and health treatment information. It was spread across more than 200 documents, many of which appeared to contain 400,000 lines of information each.

Troy Hunt, Microsoft regional director and international authority on data breaches, said his initial view was that the information now freely downloadable could represent “a very significant portion” of the data stolen in the hack and a “surprising amount ” customer information.

“They have a ton of [files] and clearly those [files] will contain a lot of personal information,” he said. The new daily.

“From what I have heard and seen, I suspect that there is already a very large group of people within these [files].”

Medibank did not immediately respond to questions about how much data is now online and whether most of its affected customer information has been released.

The personal information of some 9.7 million current and former customers was reportedly stolen in early October when Medibank computer systems were infiltrated by hackers who allegedly took 200 gigabytes of data.

Initially, the hackers released two files on Wednesday, each containing the details of 100 customers – one labeled “bad guy” and one labeled “nice guy”.

It was a cruel taunt towards their victims.

Those on the “bad guys” list had been treated for drug addiction, including at exclusive clinics in metropolitan Australia such as the Sydney Clinic.

Patients rated as “nice” were mostly elderly patients whose medical records indicated they needed surgery for aging issues; one customer pointed to was over 105 years old.

“We will continue to release data partially including confluence, source codes, list of items and some files obtained from medi file system of different hosts,” the hackers wrote.

Another data dump appeared to contain the information of hundreds of thousands of foreign nationals labeled as international university students.

DT emailed some of the victims in the initial version, asking for feedback. In response, a woman’s daughter said her mother was too upset about the invasion to speak out personally.

Messages between the hackers and Medibank were also published. An exchange on October 21 showed that the group had signaled its intention to systematically analyze and publish customer details.

“Clearly Medibank was never going to pay the ransom,” Mr Hunt said.

“And these crews depend on the implementation of their threats to be taken seriously.

“I’m sure the penny would have dropped for Medibank several weeks ago that that was definitely going to be the outcome.”

Also on Wednesday, Cybersecurity Minister Clare O’Neil called the hack “the lowest of lows”, noting that while only a small amount of people’s personal health information had so far been shared, that was probably going to change.

‘I cannot express the disgust I have for the scumbags who are at the heart of this criminal act,’ she told parliament.

“People have the right to keep their health information private, even among ransomware attackers. The idea of ​​disclosing other people’s personal health information is considered objectionable.

Police said the release of the latest information could make affected customers more likely to be approached by scammers or become victims of identity theft.

Mr Hunt said it was important for anyone affected by the hack to be vigilant about the fundamentals of security. This involved being on the lookout for scams and making sure to verify the identity of any unknown callers or anyone making inquiries.

“If you’re not sure, hang up and go to medibank.com.au,” he said.

“Keep your software up to date and use a password manager.

“Let’s hope these events bring all of this to the forefront of everyone’s mind a bit more.”

Previous VMware Fixes Three Critical Authentication Bypass Bugs in the Remote Access Tool
Next Microsoft confirms gaming performance issues on Windows 11 22H2