Having refused to pay ransom, well being insurer Medibank sees buyer knowledge posted on-line by hackers | Tech Deck

A ransomware gang has began publishing stolen knowledge on the darkish internet from Australia’s largest well being insurer, Medibank.

The leak of Mediabank buyer knowledge comes shortly after the corporate introduced that it could not pay ransom to extortionists.

Curiously, the hackers have printed particulars of the insured purchasers, categorised in two recordsdata labeled “naughty listing” and “good listing”.

The “naughty listing” is believed to be a reference to a declare beforehand made by the attackers that they might launch details about high-profile Medibank purchasers into the general public eye, or those that had obtained diagnoses associated to substance abuse and different drug abuse. doubtlessly embarrassing medical issues. .

Together with the information, the hackers shared screenshots of what they are saying was the (in the end) failed bailout take care of Medibank, and a suggestion that these with shares within the well being insurer ought to promote their shares.

For now, the leaked knowledge quantities to only some hundred megabytes, and the hackers claimed that they might proceed to partially publish knowledge as they wanted “a while to get it proper.”

In keeping with an up to date assertion from Medibank, the leaked knowledge contains private data similar to names, addresses, dates of beginning, telephone numbers, e-mail addresses, Medicare numbers for ahm purchasers and, in some circumstances, passport numbers for worldwide college students. and a few well being claims. knowledge.

What the corporate hasn’t stated is that the leaked knowledge additionally seems to comprise data pertaining to its workers, together with e-mail and cell phone particulars that, whereas not as doubtlessly harmful because the uncovered medical data, may very well be exploited by fraudsters.

Inevitably, there might be scammers benefiting from data leaked by Medibank hackers to focus on harmless individuals. This might take the type of phishing assaults, scams, and even malware assaults distributed through spam e-mail.

Fraudsters can reap the benefits of the excessive degree of misery that Medibank clients are possible experiencing proper now and disguise their communications as if they’re from Medibank, tricking customers into clicking on harmful hyperlinks or handing over delicate data.

Medibank calls on its clients to be risk-aware, do not forget that they may by no means be contacted about passwords or delicate data, and requested clients to report any suspicious emails or SMS messages to them at [email protected]

Cybercrime incidents can be reported to the Australian Cyber ​​Safety Middle by ReportCyber.