Medibank Breach Update: Hackers Expose Confidential Mental Health Data, Threaten to Leak More

The Russian hacking organization responsible for the breach of Medibank customer data has published claims for mental health care on the dark web. 

The Australia-based insurance company has previously rejected hackers’ demands for a ransom.

Illegally Exposed Mental Health Claims

On a report by WIONews, the cybercriminals’ dark web blog uploaded a file dubbed “psychos” on Sunday night, Nov. 13. It comprises hundreds of applications from policyholders that seem to be connected to mental health care.

The hackers said in the post that they would not have released the information if they had been paid the ransom.

According to them, they never lie, and it does not make sense if they lie about it as no one would take them seriously as a company.

The group said it would hold off on releasing further information until Friday unless anything significant happened on Wednesday.

This coming Wednesday, Medibank will host its annual shareholder meeting.

See Also: Australia’s Medibank Private Hack Exposes 9.7 Million People’s Data

Australia’s Next Move

The Australian Federal Police (AFP) and the Australian Signals Directorate are developing a permanent combined operation of 100 people to deal with hacking organizations.

Minister for Home Affairs of Australia Clare O’Neil said on Saturday that the initiative has the sole purpose of taking down these gangs of cybercriminals.

Earlier, Reece Kershaw, the AFP police commissioner, had urged Russia to assist with criminal investigations.

WIONews reported that the Russian embassy in Canberra issued a statement saying, “Fighting cybercrime that adversely affects people’s lives and damages businesses demands a cooperative, non-politicized and responsible approach from all members of the world community.”

It went on by stating, “For some reason, this announcement was made before the AFP even contacted the Russian side through the existing professional channels of communication.” 

Therefore, the Russian embassy is urging the AFP to contact the relevant Russian law enforcement organizations properly.

Restriction on Paying Cyber Ransoms

O’Neil said that although urgent action was required to improve cybersecurity after massive breaches, more permanent solutions were being investigated. One of these is making it illegal to pay cyber ransoms.

As part of the government’s comprehensive cyber strategy, the state is considering criminalizing the payment of ransomware. 

O’Neil defended Medibank’s decision not to pay the ransom, saying it was the correct move.

The minister said on ABC’s Insiders program that those hackers who are leaking information on Australians online have no moral code whatsoever.

She added that it is only ridiculous to think they can put their faith in these individuals to get rid of the information they have stolen. According to her, these data may have already been duplicated a million times.

Previously Exposed Customer Data

A million health claims and personal information were stolen from Medibank.

The hackers published hundreds of customer details last week after the company declined to pay a ransom to restore the stolen data.

These criminals have already revealed sensitive information about alcoholics and Australian women who had abortions and miscarriages.

Related Article: Medibank Hacked Update: Australia Blames Russia As Data of Patients With Alcohol Illnesses Leaked

This article is owned by Tech Times

Written by Trisha Kae Andrada

ⓒ 2022 All rights reserved. Do not reproduce without permission.

Leave a Reply

Your email address will not be published. Required fields are marked *