Medibank Russian hackers release information of another 1,500 patients

Russian hackers responsible for breaking into Medibank released another 1,496 records in the largest data drop to date.

The cybercriminals uploaded four folders to the dark web on Sunday labeled “sexually transmitted diseases,” “HIV,” “psycho,” and “viral hep.”

Hackers claim that the list contains information from people living with chronic conditions such as heart disease, diabetes, cancer, dementia and mental illness.

It is the hackers’ biggest data drop to date, bringing the number of records released to 2,700.

Medibank CEO David Koczkar said investigations were already underway to establish the veracity of the leaked information.

“Previously released files do not match our records,” he said.

“For example, we are halfway through analyzing the STI list – so far there are no codes related to STIs.

“Anyone who downloads this data from the dark web, which is more complicated than searching for information on a public internet forum, and tries to monetize it is committing a crime.”

About 375 of the files included in the latest data drop appear to be mismatched with Medibank data.

“We will continue to support all people affected by this crime through our Cyber ​​Response Support Program,” Mr Koczkar said.

Again, my sincere apologies to our customers.

“We remain committed to full and transparent communication with customers and we will continue to contact customers whose data has been disclosed on the dark web.”

It is the fifth set of information posted online by the hackers after Australian authorities refused to comply with their demands and pay a $15 million ransom.

About 9.7 million customers are believed to have become involved in the hack with personal information stolen by the cybercriminals.

Home Secretary Clare O’Neil said she would share Medibank customers’ frustrations over a lack of communication and transparency with the company.

Chairman Mike Wilkins defended his company’s handling of the cyberattack and lackluster communications with shareholders and customers, saying the company would continue to be measured by how it responds.

“We have always taken our IT security very, very seriously and still do,” he said in response to a question from a shareholder at the company’s annual general meeting on Wednesday.

“We believe our processes were robust, although clearly not robust enough in this circumstance. And we will learn from that when we have completed this review.’

Prime Minister Anthony Albanese said he was “disgusted” by the hackers’ actions.

“But the fact is that the country where these attacks come from should also be held responsible for… releasing information, including the very private and private information,” he said on Nov. 11.

“I say to the people who are upset by this revelation, we stand with you right now.”

The cyber attack has overshadowed the health insurer’s robust business operations.

The number of net resident policyholders was up 14,500 as of November 12 and the non-resident business saw customer growth of 14 percent in the September quarter.

The company expected underlying net claims per policy unit resident to remain stable at 2.3 percent for the full year and Mr. Koczkar said the company remained strongly capitalised.

Medibank bosses will still take home bonuses worth $7.3 million despite the massive data breach.

The cleanup bill in the wake of the data breach was expected to cost between $35 million and $150 million, but executives would still keep their bonuses.

Mr Wilkins said executive pay will not be reviewed until next year, after the completion of an external review of the attack.

“That’s something we’ll take for the year 2023 once we have the full results of the study,” he said.

Mr. Kockzar took home $1.1 million in bonuses in the past fiscal year, with total pay of $2.59 million.