top of page


  • Philip Osadebay - Tech Journalist

Another set of customer data from Medibank leaked on the Dark Web

A ransomware attack is a global problem that needs a global solution, and cases related to cyberattacks increase daily. The Cybercriminals behind the Medibank ransomware attack release the remaining data stolen from the Australian health insurance giant (Medibank).

The cyber attackers are believed to be linked to the Russian-backed rival ransomware gang. The attackers took the personal data of 9.7 million customers and the health data of almost 500,000 customers. Medibank confirmed that the stolen data were folders containing six raw zip files.

The cybercriminals involved in this act previously published customer names, dates of birth, passport numbers, medical application details, and sensitive files relating to abortion and alcohol-related illnesses. They also claimed they released the information after Medibank refused to pay their $10 million ransom, which was later reduced to $9.7 million, or $1 per affected customer.

Medibank, in a statement, spoke about how they are currently analyzing the latest leaked data, which criminals have stolen. In the course of the investigation, no indication that the criminals took any financial or banking information.

The Australian health insurance giant encourages customers to be vigilant in all online communications and transactions and beware of phishing scams in case of data breaches. Medibank added that it would add two-factor authentication to increase security.

While Medibank is taking steps to strengthen its cyber security, the company could face severe financial penalties after the Australian Parliament passed a law this week that paves the way for companies to face fines of up to $50 million for repeated or major data breaches. The Office of the Australian Information Commissioner (OAIC) ​​announced Thursday that it had launched an investigation into Medibank's processing practices.

News of the investigation comes after the Australian Federal Police (AFP) announced in November that it had the identities of those responsible for the Medibank attack. The agency declined to name the individuals but said police believe the perpetrators of the breach are based in Russia, although some affiliates may be based in other countries. The Russian embassy denies such allegations.

Although their identity is still unknown, the attackers responsible have already made progress in hacking Medibank. In recent days, the group has posted new victims on its dark web blog, including the New York medical group Sunknowledge Services and the Kenosha Unified School District.


bottom of page