cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

Medibank hackers leak more sensitive data, demand AU$15m ransom

The cyber criminals behind the major Medibank hack claim they demanded AU$15.09 million (US$9.7 million) ransom to refrain from releasing stolen customer information to the dark web, after the private health insurer branded the latest data dump as a “malicious attack on vulnerable Australians”.

user iconReporter
Fri, 11 Nov 2022
Medibank hackers leak more sensitive data, demand AU$15m ransom
expand image

According to the ABC, the latest illegal release of Medibank customer data “links hundreds of customers to terminating pregnancies”.

Overnight, the ransomware gang allegedly behind the Medibank hack had published more private details on customers’ medical records on the dark web.

The ransomware collective “added one more file Boozy.csv ...,” in a blog post early Friday morning which appears to be related to alcohol issues.


The latest data dump follows Thursday’s publication of a file named abortions.csv.

Cyber Security Minister and Home Affairs Minister Clare O’Neil noted that she felt the pain of those affected by the two most recent file drops in an interview with Nine’s Today Show on Friday.

If there was a damn thing that I could do to put a stop to this, I would do it.

There is an enormous amount of work that has gone into trying to stop harm from resulting from this, trying to wrap our arms around the victims of this horrible crime,” Minister O’Neil said.

Medibank is emphasising that terminations can be for a range of reasons which include ectopic pregnancy, miscarriages and complications.

The hackers appear to be using medical reference codes to sift through the data they stole to generate files on specific health issues.

According to the AAP, the Medibank hackers demanded ransom of US$1 for each of Medibank’s 9.7 million affected customers, which would tally up to a total of AU$15 million (almost US$9.7 million) on Thursday.

“Society ask us about ransom, it's a 10 millions usd.

You telling that is disgusting (woof-woof), that we publish some data.

We can make discount 9.7m 1$=1 customer,” the hackers wrote.

According to Medibank CEO David Koczkar, the “disgraceful” release of customer data is expected to continue each day.

The relentless nature of this tactic being used by the criminal is designed to cause distress and harm.

These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care.

It’s obvious the criminal is enjoying the notoriety, Koczkar said.

According to reports, the hacker’s latest release includes over 300 files on the website that has been connected to a Russian-backed criminal entity.

Medibank has described the ongoing release of information as deplorable and has advised for people to refrain from “seeking out the data.

Minister O’Neil has specifically condemned the release of sensitive data affecting women.

I know for every woman across the country that will cut deeply.

People’s decisions about terminations are private, they are personal, they are unique to that woman, and I feel very deeply women should feel no shame about the decisions they make in this regard,” Minister O’Neil said.

The hacking group began releasing Medibank data on the dark web in the early hours of Wednesday morning under files named “good-list” and naughty-list.

But we warned you.

We always keep our word, if we wouldn't receive a ransom — we should post this data, because nobody will believe us in the future,” the hackers wrote in the blog post.

Last month, Medibank confirmed the details of almost 500,000 health claims have been stolen, along with personal information.

[Related: Cyber training boosted by NSW government]

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.