Hacker releases Australian health insurer’s customer data

Nov 8, 2022, 5:53 PM | Updated: Nov 10, 2022, 7:02 pm
A computer and phone display pages from the Medibank Private website in Sydney, Tuesday, Nov. 8, 20...

A computer and phone display pages from the Medibank Private website in Sydney, Tuesday, Nov. 8, 2022. Medibank client data was published by an extortionist Wednesday, Nov. 9, including details of individuals' medical procedures, after Australia’s largest health insurer refused to pay a ransom for the personal records of almost 10 million current and former customers. (AP Photo/Rick Rycroft)

(AP Photo/Rick Rycroft)

CANBERRA, Australia (AP) — Client data from Medibank, Australia’s largest health insurer, was released by an extortionist on Wednesday, including details of HIV diagnoses and drug abuse treatments, after the company refused to pay a ransom for the personal records of almost 10 million current and former customers.

The material released on the dark web appeared to be a sample of the data that Medibank has determined was stolen last month, the company said. Medibank expects the thief will continue releasing data.

“This is a criminal act designed to harm our customers and cause distress,” Medibank CEO David Koczkar said in a statement that reiterated a previous apology to customers.

“We take seriously our responsibility to safeguard our customers and we stand ready to support them,” he added.

The data included what the thief called a “naughty list” of more than 100 names. Among them were patients who had contracted HIV and others who were treated for addictions to drugs and alcohol and for mental health problems.

One of the exposed customers contacted by Nine News television responded with anger toward Medibank.

“Letting customers discover their most sensitive information imaginable has been published and hearing it on the news, Medibank’s response has been pathetic,” the unidentified man, whose image was not broadcast, told Nine.

Cybersecurity Minister Clare O’Neil, who is a Medibank customer and has had personal data stolen, urged social and traditional media companies to prevent their platforms from being used to share people’s stolen medical histories.

“If you do so, you will be aiding and abetting the scumbags who are at the heart of these criminal acts and I know that you would not do that to your own country and your own citizens,” O’Neil told Parliament.

She said the number of people whose medical information has been released was “small at this stage.”

“But I want the Australian people to understand that that is likely to change, and we are going through a difficult period now that may last for weeks, possibly months, not days and hours,” O’Neil added.

Prime Minister Anthony Albanese, who is also a Medibank customer, welcomed the company’s refusal to pay the hacker to have the records returned.

“This is really tough for people. I’m a Medibank Private customer as well and it will be of concern that some of this information has been put out there,” Albanese told reporters, referring to a Medibank brand.

“The company has followed the guidelines effectively, the advice, which is to not engage in a ransom payment. If you go down this road, then you end up with more difficulties potentially across a wider range,” Albanese said.

The thieves had reportedly threatened to expose the diagnoses and treatments of high-profile customers unless a ransom of an undisclosed amount was paid, but Medibank decided there was “only a limited chance” that a payment would prevent the data from being published.

A blogger using the name “Extortion Gang” posted Monday night on the dark web that “data will be publish in 24 hours.”

Medibank this week updated its estimate of the number of people whose personal information was stolen from 4 million two weeks ago to 9.7 million. The stolen data includes health claims of almost 500,000 people including diagnoses and treatments, the company said.

The theft of the personal records of 9.8 million customers of Optus, Australia’s second-largest wireless telecommunications carrier, that was discovered on Sept. 21 prompted the government to promise heftier penalties for corporations that fail to protect private data.

The House of Representatives on Wednesday passed an urgent bill that would increase penalties for serious breaches of the Privacy Act from 2.2 million Australian dollars ($1.4 million) to AU$50 million ($32 million) or more.

The government hopes the bill will be passed by the Senate and become law this month.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

FILE - Capital murder defendant and former U.S. Border Patrol Juan David Ortiz looks around the cou...
Associated Press

Jurors hear ex-Border Patrol agent’s confession in killings

SAN ANTONIO (AP) — Jurors in the capital murder trial of a former U.S. Border Patrol agent have heard a taped interview in which he confesses to the 2018 killings of four sex workers in South Texas. If convicted of capital murder, Juan David Ortiz, 39, faces life in prison without parole because prosecutors are […]
17 hours ago
FILE - A Twitter logo hangs outside the company's San Francisco offices on Nov. 1, 2022. A top Euro...
Associated Press

As Musk is learning, content moderation is a messy job

Now that he’s back on Twitter, neo-Nazi Andrew Anglin wants somebody to explain the rules. Anglin, the founder of an infamous neo-Nazi website, was reinstated Thursday, one of many previously banned users to benefit from an amnesty granted by Twitter’s new owner Elon Musk. The next day, Musk banished Ye, the rapper formerly known as […]
17 hours ago
FILE - In this photo taken by an individual not employed by the Associated Press and obtained by th...
Associated Press

Iran morality police status unclear after ‘closure’ comment

CAIRO (AP) — An Iranian lawmaker said Sunday that Iran’s government is “paying attention to the people’s real demands,” state media reported, a day after a top official suggested that the country’s morality police whose conduct helped trigger months of protests has been shut down. The role of the morality police, which enforces veiling laws, […]
17 hours ago
Secretary of State Antony Blinken speaks at the J Street National Conference at the Omni Shoreham H...
Associated Press

Blinken vows US support for Israel despite unease over gov’t

WASHINGTON (AP) — Secretary of State Antony Blinken said Sunday the U.S. will not shrink from its unwavering support for Israel despite stark differences with Prime Minister-elect Benjamin Netanyahu and concerns the Biden administration may have about potential members of his incoming right-wing government. Speaking to a left-leaning group that some on the right accuse […]
17 hours ago
Associated Press

Farmer: Georgia dog injured saving sheep from coyote attack

DECATUR, Ga. (AP) — A Georgia sheepdog is recovering at home two days after killing a pack of coyotes that attacked his owner’s flock of sheep, farmer John Wierwiller said. Casper, a 20-month old Great Pyrenees from Decatur, fought off a pack of coyotes who were threatening Wierwiller’s sheep farm, he said. The fight lasted […]
17 hours ago
Associated Press

Report: Woman attacks 6 deputies at New Orleans airport

Officials say a woman bit, kicked and spat on six sheriff’s deputies while refusing to exit a plane at an airport in Louisiana early Thanksgiving Day, The Times-Picayune/The New Orleans Advocate reported Saturday. Authorities said the 25-year-old woman attacked Jefferson Parish sheriff’s deputies at Louis Armstrong New Orleans International Airport, according to local news reports. […]
17 hours ago

Sponsored Articles

...
Quantum Fiber

How high-speed fiber internet edges out cable for everyday use

In a world where technology drives so much of our daily lives, a lack of high-speed internet can be a major issue.
...
Quantum Fiber

Stream 4K and more with powerful, high-speed fiber internet

Picking which streaming services to subscribe to are difficult choices, and there is no room for internet that cannot handle increased demands.
...
Quantum Fiber

How high-speed fiber internet can improve everyday life

Quantum Fiber supplies unlimited data with speeds up to 940 mbps, enough to share 4K videos with coworkers 20 times faster than a cable.
Hacker releases Australian health insurer’s customer data