Medibank’s main customers not affected in hacker data leaks

Medibank has confirmed that the customers of its budget ahm brand have been the only policyholders whose private health data has been released by hackers who stole information on its entire customer base last month.

Australia’s largest private health insurer also said that a substantial amount of the information the hackers released has been wrong, suggesting the cyber criminals have had a tough time properly extracting information from the stolen data.

Medibank chief executive, David Koczkar, told investors last week that some of the information released by the hackers was incorrect. Credit:Luis Enrique Ascui

The hackers have drip-fed sensitive health information about Medibank customers on the dark web in an attempt to pressure the company into paying a $US10 million ($15 million) ransom, which the insurer has refused to pay.

The hackers accessed the health claims data for about 160,000 Medibank customers, 300,000 ahm customers and 20,000 international customers.

Medibank chief executive David Koczkar told investors last week that the company’s resolve to not pay a ransom had not changed, and he warned that information being released on the dark web was often incorrect.

“The data that’s actually on the dark web is sometimes not accurate. It’s not complete,” he said.

Medibank has now confirmed that its analysis has shown about 25 per cent of records released on the dark web did not match against that policy for that procedure.

The hackers held off from releasing further data ahead of the shareholder meeting last Wednesday to see if Medibank would relent and pay the ransom. Early Sunday morning, the criminals then released another 1500 customer records containing sensitive health information – the largest release of health data so far in the incident.

The data was labelled STD, suggesting it related to treatment for sexually transmitted diseases, but in fact it related to clients with chronic conditions such as heart disease, diabetes, anaemia and asthma.

The dark web forum hosting the hacker’s blog – which they have used to release customer data – has been offline since yesterday.

Medibank is not the only organisation to be hit by hackers recently.

Engineering group Aurecon is still suffering the effects of a cyberattack last month.

The Australian company, which has more than 7500 employees globally, would not say if it had been contacted by hackers for a ransom. It declined to give an update on any continuing impact on its business and referred to a statement earlier this month.

“The incident response included disabling access to Aurecon’s online platforms,” it said at the time. “As part of our ongoing response to this incident we can expect some necessary but unavoidable disruption.”

It said that an investigation was seeking to establish the level of any impact on the company’s systems.

“We understand the urgency of this matter and will continue to keep our clients, government agencies and staff informed of any new information.”

This week, children’s charity The Smith Family confirmed it was hit by a cyberattack with hackers accessing its donors’ confidential information including credit card details.

The charity, which helps to educate children in need, has not yet said how many donors have been affected.

Medibank has said that credit card details of its customers were not accessed as part of the attack last month, and the identity data stolen by the hackers is not sufficient to enable identity and financial fraud.

Federal Police commissioner Reece Kershaw this month named Russia as the home of the Medibank hackers as experts warned Australians to expect a wave of financially motivated cybercrime from the country.

The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.

Most Viewed in Business

From our partners

Source: Read Full Article