Hackers claiming responsibility for a cyber attack on one of Australia’s largest private health insurers have sent a ransom note to the company, threatening to leak sensitive customer information.
Although the legitimacy of the message could not be confirmed, the Sydney Morning Herald reported that hackers have threatened to sell 200 gigabytes of stolen data across Medibank’s 3.9 million customers.
The hackers wrote: “We offer to start negotiations in another case we will start realizing our ideas like 1. Selling your Database to third parties 2. But before this we will take 1k most media persons from your database (criteria is: most followers, politicians, actors, bloggers, LGBT activists, drug addictive people, etc) Also we’ve found people with very interesting diagnoses. And we’ll email them their information.”
In a statement released on Wednesday afternoon, Medibank confirmed it had been in touch with a group that “wishes to negotiate with the company regarding their alleged removal of customer data”.
It said the company was now “working urgently” to establish the validity and authenticity of the threat.
“Based on our ongoing forensic investigation, we are treating the matter seriously at this time,” the statement read.
In light of the escalated threats, Cyber Security Minister Clare O’Neil confirmed she has been in contact with Medibank CEO David Koczkar.
“Significant support has been provided by the Australian Signals Directorate’s Australian Cyber Security Centre and the Department of Home Affairs,” she said.
“The incident is another reminder for Australian governments, businesses and citizens to be vigilant about their cyber safety.”
Mr Koczkar said Medibank will “prioritise responding to this matter as transparently as possible”.
In response to the attack, Medibank has also halted trading until further notice.
“Our team has been working around the clock since we first discovered the unusual activity on our systems, and we will not stop doing that now,” he said.
“We will continue to take decisive action to protect Medibank customers, our people and other stakeholders.”
Just last Wednesday, on October 12, the private health insurer said its services had been hit by a “cyber incident”. However at the time the company said there was no evidence customer data had been breached.
“At this stage there is no evidence that any sensitive data, including customer data, has been accessed,” Medibank said in a statement.
“As part of our response to this incident, Medibank will be isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss.”
It went on: “As a result our ahm and international student policy management systems have been taken offline. We expect these systems to be offline for most of the day.”
Medibank is the latest company to be hit with cyber attacks which have compromised the sensitive customer information. Other businesses and organisations which have recently been hit with data attacks include Optus, online wine merchants Vinomofo, Telstra, NAB and MyDeal.com.au, which is a subsidiary of the Woolworths Group.
Know more? Get in touch at jessica.wang@news.com.au