AP

Abortions exposed among Australian health insurer customers

Nov 9, 2022, 9:58 PM | Updated: Nov 10, 2022, 12:52 am

CANBERRA, Australia (AP) — Extortionists dumped stolen client records relating to pregnancy terminations on the dark web on Thursday in their latest effort to pressure Australia’s largest health insurer to pay a ransom.

The cybercriminals began dumping customer records on Wednesday including treatments for HIV and drug addiction after Medibank this week ruled out paying a ransom for the return of the hacked data.

The criminals, who used the name “Extortion Gang,” on Thursday posted that they had demanded $9.7 million — $1 for the records of each of the 9.7 million current and former Medibank customers that were stolen.

Most concerning was the theft of health claims for almost 500,000 customers that include diagnoses and treatments.

Medibank CEO David Koczkar condemned the release of Thursday’s tranche of data as “disgraceful.”

“The weaponization of people’s private information in an effort to extort payment is malicious, and it is an attack on the most vulnerable members of our community,” Koczkar said in a statement.

Cybersecurity Minister Clare O’Neil described the targeting of women who had terminated pregnancies as “morally reprehensible.”

“Yesterday, I indicated to the Parliament that the consequences of the Medibank hack were likely to get worse, and today those fears have been realized,” O’Neil told Parliament.

“And I want to say, particularly to the women whose private health information has been compromised overnight, as the minister for cybersecurity but, more importantly, as a woman, this should not have happened,” she added.

Medibank and government services were standing ready to support all customers in need even if a “large data dump occurs,” O’Neil said.

The extortionists have warned that the dumps will continue daily.

Cybersecurity expert and Medibank customer Nigel Phair spoke of his frustration at not knowing how much of his personal data had been stolen.

“You just don’t know what’s been lost of your own details: Is it your name, your date of birth, is it your address, is it everything and more?” Phair told Australian Broadcasting Corp.

Medibank had failed to adequately address basic risk management questions on what data was stored, where it was stored, who had access and how that data was accessed, Phair said.

“If they’d done that competently beforehand, and put appropriate controls (in place), this wouldn’t have happened,” Phair said.

The extortionists have been linked to high-profile Russian cybercrime gang REvil, short for Ransomware Evil and also known as Sodinokibi.

The Russian Federal Security Service said in January REvil “ceased to exist” after several arrests were made at the insistence of the United States.

Troy Hunt, founder of the “Have I been Pwned?” website, a service that enables users to check if their personal details have been exposed by data breaches, said it was unclear how REvil was involved.

An old REvil dark web site had started redirecting traffic to a new site that hosts the stolen Medibank data, Hunt said.

REvil could have rebranded as BlogXX, the name by which the Medibank hackers are becoming increasingly well known within cybersecurity circles, or former REvil operatives might have found a new home.

“The reality is, it’s a bit like any job — people come and go,” Hunt said.

Conversations between the hackers and Medibank that have been published with the data dumps show that the operation was initially intended to be a ransomware attack. That would have denied Medibank access to its own customer records and heightened pressure on finding a quick resolution.

But the hackers said they ran out of time to encrypt Medibank’s systems with ransomware so fell back on the plan to monetize the data that had already been stolen.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

Arizona and New York attorneys feud over extraditing suspect...

Associated Press

Why Alvin Bragg and Rachel Mitchell are fighting over extraditing suspect in New York hotel killing

Maricopa County Attorney Rachel Mitchell says she isn't into extraditing a suspect due to her lack of faith in Manhattan’s top prosecutor.

4 days ago

A Gila monster is displayed at the Woodland Park Zoo in Seattle, Dec. 14, 2018. A 34-year-old Color...

Associated Press

Colorado man dies after being bitten by pet Gila monster

A Colorado man has died after being bitten by his pet Gila monster in what would be a rare death by one of the desert lizards if the creature's venom turns out to have been the cause.

5 days ago

Police clear the area following a shooting at the Kansas City Chiefs NFL football Super Bowl celebr...

Associated Press

1 dead, many wounded after shooting at Kansas City Chiefs’ Super Bowl victory parade

One person died after 22 people were hit by gunfire in a shooting at the end of the Kansas Chiefs' Super Bowl victory celebration Wednesday.

12 days ago

This image from House Television shows House Speaker Mike Johnson of La., banging the gavel after h...

Associated Press

GOP-led House impeaches Homeland Security Secretary Mayorkas — by one vote — over border management

Having failed to impeach Homeland Security Secretary Alejandro Mayorkas the first time, House Republicans are determined to try again Tuesday.

13 days ago

Defense Secretary Lloyd Austin, right, and Kenya's Defense Minister Aden Duale, left, listen during...

Associated Press

Defense Secretary Lloyd Austin hospitalized with bladder issue

Defense Secretary Lloyd Austin has been hospitalized following symptoms pointing to an “emergent bladder issue."

15 days ago

Joel Osteen, the pastor of Lakewood Church, stands with his wife, Victoria Osteen, as he conducts a...

Associated Press

Woman firing rifle killed by 2 off-duty officers at Houston’s Lakewood Church run by Joel Osteen

A woman entered the Texas megachurch of Joel Osteen and started shooting with a rifle Sunday and was killed by two off-duty officers.

15 days ago

Sponsored Articles

...

DISC Desert Institute for Spine Care

Sciatica pain is treatable but surgery may be required

Sciatica pain is one of the most common ailments a person can face, and if not taken seriously, it could become one of the most harmful.

...

Collins Comfort Masters

Avoid a potential emergency and get your home’s heating and furnace safety checked

With the weather getting colder throughout the Valley, the best time to make sure your heating is all up to date is now. 

...

Sanderson Ford

The best ways to honor our heroes on Veterans Day and give back to the community

Veterans Day is fast approaching and there's no better way to support our veterans than to donate to the Military Assistance Mission.

Abortions exposed among Australian health insurer customers