Medibank Hackers Dump Records of Patients with Alcohol Illnesses on the Dark Web

After targeting aborted pregnancies, Medibank hackers have turned to patients with alcohol-related illnesses.

Medibank hackers exposed private medical information on the dark web for a third day on Friday, Nov. 11. But this time they are concentrating on alcohol-related illnesses, as they force Australia's biggest health insurance company to pay a ransom for the plundered client data of over 10 million people, according to a report by AP.

Government Owned Medibank Set To Go Private
MELBOURNE, AUSTRALIA - OCTOBER 01: People walk past Medibank signage outside of the Medibank building in Docklands on October 1, 2014 in Melbourne, Australia. The Abbott government is privatising Australia's largest health insurer, Medibank Private in what will be the biggest Australian initial public offering since 2010. Medibank Private will list on the Australian Stock Exchange in December of this year. Scott Barbour/Getty Images

Most Invasive Cybercrime

After Medibank decided against paying a ransom for the return of the stolen data, the thieves started leaking hundreds of customer records on Wednesday, including those relating to HIV and drug addiction treatments, which they referred to as a "naughty" list.

The cyberhackers also dumped sensitive data of patients with harmful levels of alcohol consumption on Thursday. They even went as far as posting records of Aussie women who had non-viable pregnancies or abortions on Friday.

More than 700 customers' medical treatment records had been made public on the same day in what has been called Australia's most invasive cybercrime so far.

Numerous other customers' private information, such as phone numbers and email addresses, that could make them vulnerable to fraud or identity theft, has also been made public, according to AP.

David Koczkar, CEO of Medibank, confirmed the third leak and stated that his organization was contacting impacted customers and providing assistance. He noted that the illegal dumping would continue in the coming days.

Australian officials are hoping that the information stays on the dark web and is not disseminated to a larger audience via social media or extensively covered by news outlets.

Prime Minister Anthony Albanese cautioned against anyone obtaining the data. He is also one of the 9.7 million Medibank customers whose personal information has been illegally taken.

Albanese added that Australian Federal Police will identify the perpetrator of the crime later on Friday.

How the Breach Started

Koczkar, who apologized on behalf of the company and committed to being accountable for protecting client data on Friday, said that the leaking was "disgraceful."

The media has been asked not to download any illegally obtained material by Medibank due to the delicate nature of the stolen client information.

Someone with high-level access to the health insurance company had their credentials stolen, which led to the wider Medibank breach. According to news.com.au, it appears that the login information was sold to a Russian cybercrime site.

In its investor call on October 17, Medibank provided a more thorough account of the hacking and mentioned the stolen user credentials.

The company took the preventive action of making the systems offline in order to protect client data during the onslaught of the breach. It was discovered throughout the investigation that cybersecurity systems had detected activity that was consistent with ransomware.

This article is owned by Tech Times

Written by Jace Dela Cruz

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics