A ransomware gang with suspected connections with the defunct Russian REvil group recently stole and released health information from millions of Australians.
Medibank, Australia’s most prominent health insurance provider, announced it was experiencing a “cyber incident” on October 13.
The company said it found unusual activity on its network and immediately tried to resolve the issue. Days later, Medibank said its data may have leaked.
Ransomware gang releases data of nearly ten million Medibank clients.
On November 7, 2022, the Melbourne-based insurance firm admitted that a ransomware group stole 500,000 health claims.
Eventually, the issue spread to roughly 9.7 million customers and Medibank representatives.
The total number represented 5.1 million Medibank customers, 2.8 million Australian Health Management (AHM) Group customers, and 1.8 million international clients.
The hackers took names, dates of birth, addresses, phone numbers, and email addresses. Also, they accessed Medicare numbers from AHM customers.
The ransomware gang took passport numbers and visa information from international students. Moreover, the group found the specific medical services the customers used.
The diagnoses and procedures they received also came out. Medibank CEO David Koczkar released an apology letter for clients, saying:
“Based on the extensive advice we have received from cybercrime experts, we believe there is only a limited chance paying a ransom would ensure the return of our customers’ data and prevent it from being published.”
“In fact, paying could have the opposite effect and encourage the criminal to extort our customers directly. There is a strong chance that paying puts more people in harm’s way by making Australia a bigger target.”
“We will continue to support all people who have been impacted by this crime through our Cyber Response Support Program. This includes mental health and wellbeing support, identity protection, and financial hardship measures.”
In response, the ransomware gang has started posting stolen client data on the dark web. It shared hundreds of names, birthdates, addresses, and Medicare info under a “good list” and “naughty list.”
The group said, “Looking back, that data is stored not very understandable format (table dumps) we’ll take some time to sort it out. We’ll continue posting data partially, need some time to do it pretty.”
Conclusion
More businesses and other organizations have been experiencing cyberattacks nowadays. For example, last year’s Colonial Pipeline hack temporarily raised gas prices in the United States.
As a result, the demand for cyber insurance has been expanding worldwide. Fortune Business Insights said the industry would grow from $12.83 billion to $63.62 billion by 2029.
The Philippines has been undergoing a digital transformation too. Keep up with the latest trends by reading more articles from Inquirer Tech.