Medibank Leak Hits Dark Web After it Denied Paying Cyber Ransom

On denying the ransom

• David Koczkar, CEO of Medibank, said that even if Medibank pays the cyber ransom, it won't guarantee the return of our customers' data. It moreover won't prevent the attackers from publishing it.
• In fact, they believed that paying the Medibank cyber attackers if they are paid might encourage them even more. It may also result in extortion attempts from the customers. 
• In addition, there is a strong chance that paying the cyber ransom additionally puts more people in harm's way.

Medibank warns customers

• The move of the health insurer of not paying the ransom to attackers meant that they could not go after customers directly, but that also leaves hackers with the only option to make the information public while warning the customers.
• Medibank has warned all its customers and asked them to remain vigilant, as the attackers may publish customer data online or attempt to contact customers directly.

Data impacted

• This includes the service provider's name and location, codes associated with diagnoses and procedures administered, and where customers were administered certain medical services.
• The ransomware cyberattack allowed the attackers to access the names, birth dates, addresses, contact details, email addresses, and other miscellaneous information of about 9.7 million current and former customers and some of their approved representatives.
• Medibank confirmed that primary identity documents, such as driver's licenses, were not accessed for most of its clients. However, the visa details of around 1.8 million international customers that permit them to reside in Australia now stand exposed.
• The ID numbers of 2.8 million customers of the Australian national health scheme (Medicare) were additionally breached during the Medibank cyber attack.

Closing lines