Sydney, Australia, Nov 10 (EFE).- The hackers allegedly behind the massive Medibank data breach in Australia demanded US$10 million in ransom and posted sensitive health information online, including of pregnancy terminations, according to a message published early Thursday.
The message posted on the dark web said the group demanded $1 for each of the 9.7 million clients and former clients of the private health insurance provider whose data was stolen, in order to prevent the leak of the information.
“Society ask us about ransom, it’s a 10 millions usd. We can make discount 9.7m 1$=1 customer,” it said, according to public broadcaster ABC.
Multiple news outlets reported that the group also released a file on Thursday linking policyholder claims to pregnancy terminations.
“Yesterday I indicated to the parliament that the consequences of the Medibank hack were likely to get worse, and today those fears have been realized,” Home Affairs and Cyber Security Minister Clare O’Neil said Thursday at the legislative headquarters in Canberra.
Calling the hack “morally reprehensible” and “criminal,” O’Neil appeared emotional as she apologized “particularly to the women whose private health information has been compromised overnight.”
“I want the scumbags behind this attack to know that the smartest and toughest people in this country are coming after you,” she warned.
Medibank said it was “aware that the criminal has released an additional file on a dark web forum.”
In the first leak on Wednesday, hundreds of customers’ sensitive information were released by the group under files named “good-list” and “naughty-list” after Medibank refused to pay the ransom.
Medibank CEO David Koczkar on Thursday described the second release of stolen data as “disgraceful” and “malicious,” calling it “an attack on the most vulnerable members of our community.”
“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care,” he said.
The Australian Federal Police is investigating this the hack under Operation Guardian, which also includes the theft last month of data from Optus phone company, the second largest in the country. EFE