Hackers who stole private information from Medibank claim they leaked data of Australian women who had to end non-viable pregnancies or undergo abortions, according to a report by news.com.au.
MELBOURNE, AUSTRALIA - OCTOBER 01: Medibank signage sits on top of the Medibank building in Docklands on October 1, 2014 in Melbourne, Australia. The Abbott government is privatising Australia's largest health insurer, Medibank Private in what will be the biggest Australian initial public offering since 2010. Medibank Private will list on the Australian Stock Exchange in December of this year
Dark Web Forum
The post contains a spreadsheet containing the names, contact information, and billing codes for 303 patients and policyholders. The hackers leaked the details about women who underwent procedures in a file on a dark web forum titled "abortion."
The illegal data may have also included women who experienced non-viable pregnancies such as ectopic pregnancies, miscarriages, molar pregnancies, readmission for complications, and fetal anomalies.
The hackers have also proposed to reduce the cash payment needed to halt drip-feeding patients' private medical records, according to a recent post from a Russian ransomware organization that is taking credit for the data theft.
The post said that it could make a discount of "9.7m 1$=1 customer."
"Medibanks CEO stated, that ransom amount is 'irrelevant'. We want to inform the customers, that he refuses to pay for yours data more, like 1 USD per person. So, probably customers data and extra efforts don't cost that," the post reads, as retrieved by news.com.au.
As a result, Medibank has now acknowledged that it is aware that the thief has posted a new file on a dark web forum that allegedly contains client information taken from Medibank's systems.
Read also: Medibank Warns its Clients of Hackers Who Started Leaking Stolen Confidential Data
"Disgraceful"
David Koczkar, CEO of Medibank, said that leaking this stolen data on the dark web is "disgraceful." He apologized on behalf of the company and pledged to take responsibility for protecting customer data.
Due to the delicate nature of the stolen client information, Medibank has requested that the media refrain from downloading illegally obtained data.
The Medibank breach began when someone with high-level access to the company had their credentials stolen. The login credentials seem to have been sold to a Russian cybercrime site, as per news.com.au.
The stolen user credentials were mentioned in Medibank's investor call on Oct. 17, which gave a more in-depth explanation of the hacking. It was disclosed that Medibank noticed the odd activity in its cyber security systems.
As a result, the incident response was started by the cyber security team. The IT infrastructure was the focus of the strange activity, as Medibank learned later that evening.
To preserve client data, it took the preventative measure of taking the systems offline. The examination, which is still ongoing, revealed that cybersecurity systems had picked up activity consistent with ransomware.
The Australian Cyber Security Centre received word of this initial discovery and gave Medibank additional direction in support of this finding.
Related Article: Australia's Medibank Private Hack Exposes 9.7 Million People's Data
This article is owned by Tech Times
Written by Jace Dela Cruz
