Hackers have released more stolen Medibank data, with the medical records of nearly 1,500 customers released on the dark web on Sunday.
- Recordings belonging to 1,469 clients have been published on the dark web
- CEO says company continues to work with AFP
- Medibank again apologized to customers
According to Medibank, the latest version included people with chronic conditions such as heart disease, diabetes and asthma, people with cancer, people with dementia, people with mental health problems, people with infections and people with injuries, among other conditions.
Some of the people on the list have been diagnosed with mental illness or delirium, which is an acute change in mental status that can be triggered by illness, injury, surgery or medication.
Medibank confirmed that it had analyzed the file called “STD”, which did not contain STD codes. The common condition in this list was anemia.
Medibank CEO David Koczkar said the company is doing everything possible to support customers.
“We will continue to support everyone who has been impacted by this crime through our Cyber Response Support Program,” he said.
“This includes mental health and well-being support, identity protection and financial hardship measures.
“Anyone who downloads this data from the dark web, which is more complicated than searching for information on a public internet forum and tries to profit from it, is committing a crime.
“Australian Federal Police said law enforcement would take swift action against anyone attempting to profit, exploit or commit criminal offenses using stolen Medibank customer data.
“We continue to work closely with the Australian Federal Police who are focusing, through Operation Guardian, on preventing the misuse of this data for criminal purposes.”
Mr Koczkar had previously said that around 480,000 customer health data were allegedly stolen.
“Once again, I unreservedly apologize to our customers,” he said.
“We remain committed to communicating fully and transparently with customers and will continue to reach out to customers whose data has been posted on the dark web.”
The data released on Sunday included four files containing 1,469 records, 123 of which have already been released.
Of those, 375 of the 1,496 records do not match this policy for this procedure, according to Medibank, which said previous files released did not match their records either.
The release of the data adds to the 1,200 files already published on the dark web, bringing the total to 2,669.
Hackers have already demanded $9.7 million ($15.09 million) in ransom for the recordings.
The federal government supported Medibank’s decision not to pay the ransom to prevent disclosure of customer data.
AFP Commissioner Reece Kershaw has confirmed that Russian-based criminals have been identified as the culprits of the Medibank hack, which the Russian Embassy denies.
Loading the form…