Extrusion expert threatens to release Australian customer data

CANBERRA, Australia –

A blackmailer has threatened to make Medibank’s customer data public within 24 hours after Australia’s largest health insurer refused to pay a ransom for the personal records of nearly 10 million existing customers and before.

Medibank on Monday ruled out paying a ransom for the stolen data. The theft was reported to police on October 19 when trading in the company’s stock was halted for a week.

The thieves are said to have threatened to reveal the diagnoses and treatments of famous clients unless an undisclosed ransom was paid.

“Based on the extensive advice we received from cybercrime experts, we believe there is only a limited chance of paying a ransom that will ensure customer data is returned and prevent it from being stolen. that data is published,” Medibank CEO David Koczkar said in a statement.

“In fact, paying could have the opposite effect and encourage criminals to extort money directly from our customers and it’s very likely that paying will put more people in harm’s way by making Australia a target.” bigger target,” added Koczkar.

A blogger using the name “Blackmail Gang” posted Monday night on the dark web that “data will be published (sic) in 24 hours.”

“P.S., I recommend selling medibank (sic) stock,” the blog added.

The post does not include data samples that can prove the author holds the data. But Medibank on Tuesday took this threat seriously.

“We know it is possible for criminals to publish data online, but the threat of crime remains a worrying development for our customers,” said Koczkar. ‘ said Koczkar.

Koczkar urged customers to be vigilant and warned that criminals could contact them directly.

Medibank this week updated its estimate of the number of people whose personal information was stolen from 4 million two weeks ago to 9.7 million. The stolen data included the health claims of nearly 500,000 people including diagnosis and treatment, the company said.

“The weaponization of their personal information is malicious and it’s an attack on the most vulnerable members of our society,” Koczkar said.

Cybersecurity Secretary Clare O’Neil welcomed Medibank’s stance, saying that refusing to pay the ransom was in line with her government’s advice.

This week, Medibank revealed that a hacker stole the usernames and passwords of company employees to gain access to a customer database.

At least two legal firms said they were investigating a potential class action lawsuit against Medibank for failing to protect customer data.

Medibank share price fell nearly 3% in early Tuesday trading on the Australian Security Exchange following threats of data disclosure and lawsuits.

Source by [author_name]


News7h: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button