The health status and personal details of many Medibank clients, including Prime Minister Anthony Albanese, were leaked to a dark web blog by a Russian ransomware group after the private health insurer refused to pay the ransom.
"We will keep posting some insights, we need some time to make it nice," the hackers wrote. "We will continue to release partial information along with Confluence, source codes, a list of things, and some files taken from the Medi file system from various hosts."
The data dump realizes some of the worst fears of Medibank management, which announced in late October that the data of the company's 3.9 million customers, including international student customers, had been hacked, as well as data from potential health care insurers, eg.
In a statement sent to the Australian Stock Exchange in late October, the health insurer's chief executive, David Koczkar, said the hack was a "horrible crime" designed to cause "maximum harm" to those likely to be the most vulnerable members of the group. At the time, Koczkar said the company was dealing with hackers over 200 gigabytes of private information.
That same week, it was unclear how many people were affected by the attack, but details of up to 1,000 customers were taken by hackers, who confirmed this in an email update to Medibank leadership.
Until earlier this week, Medibank was reluctant to rule out paying a ransom to the suspected hackers behind the attack, believed to be the Russian-backed ransomware group REvil.
In a blog post, the hackers allegedly published some of their latest negotiating emails with Medibank, which ended on November 7, the same day the health insurer publicly announced that it would not give in to ransom demands.
On Wednesday, the private health insurer issued an announcement confirming the data dump, which the company says "appears to be a sample of data" that the insurer had previously confirmed the group had hacked.
"Information includes private information such as names, addresses, dates of birth, phone numbers, email addresses, Medicare numbers for AGM clients (no expiration dates), possibly passport numbers for our students from around the world (no expiration dates) and some dates. also health claims," Medibank said in a press release.
"We understand that crime will continue to post files to the dark web."
As a result, the Australian Federal Police launched an investigation into the hack dubbed "Operation Palladius", along with separate investigations into the Optus hack and the MyDeal breach, each of which affected more than 2 million customers.
Australia's Home Affairs and Cybersecurity Minister Clare O'Neil called the Medibank hackers "disgraceful people" who, she said, likely would not have stopped even if Medibank had decided to pay the undisclosed ransom.
"I have no words to describe the disgust I feel for crimes of this nature," O'Neil said.