Read Time:1 Minute, 46 Second
The sensitive medical information of almost 10 million Australians has been hacked and leaked into the dark. This medical information includes treatments for alcoholism, drug addictions and abortions.
The target of the attacks was Medibank, the country’s largest private health insurer. According to Medibank, a sample of data from some 9.7 million clients has been posted on the dark web. It included names, birth dates, passport numbers and medical claims information.
“The victims were separated into a ‘naughty’ list and a ‘nice’ list. Some on the ‘naughty’ list had numeric codes that appeared to link them to drug addiction, alcohol abuse and HIV,” notes Manila Times journalist Agence France-Presse.
Presse adds, “For example, one record carried an entry that read: “p_diag: F122.” F122 corresponds with “cannabis dependence” under the International Classification of Diseases, published by the World Health Organization.”
Hackers began releasing sensitive information to the dark web when Medibank refused to pay the ransom of US$1 for each of the 9.7 million people whose data had been compromised.
According to the Australian Federal Police (AFP), the hackers were connected to the Russian ransomware criminal organisation REvil since the data was posted in the dark web blog linked to them. The REvil blog posted lists in several days, divulging sensitive medical information.
Medibank CEO David Koczkar reports, “We remain committed to fully and transparently communicating with customers, and we will contact customers whose data has been released on the dark web. “The weaponisation of people’s private information to extort payment is malicious, and it attacks the most vulnerable members of our community.”
“Medibank’s data breach could cost the company more than A$200 million,” notes Bloomberg Intelligence analysts Matt Ingram and Jack Baxter. According to the two, the company may have to pay A$500 to A$2,000 to each customer affected by the data breach.
But the government is working closely with Medibank to end this cybercrime. The AFP reported that they already know the individuals responsible for the Medibank breach but declined to provide the names as they feel it may jeopardise their ongoing investigation.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
