Hackers on Thursday demanded ten million dollars to stop revealing sensitive medical data after a cyber attack in Australia against a health insurance giant. Medibank, one of the country’s largest private health insurers, admitted this week that hackers had been able to access the personal data of its approximately 9.7 million customers and former customers, including Prime Minister Anthony Albanese.
After publishing an initial “sample” of this data on Wednesday, the hackers published a second on Thursday on a “dark web” forum – which cannot be found using traditional browsers. In particular, this contained personal information about hundreds of people.
The first information revealed appeared to be selected to cause significant harm, targeting people being treated for substance abuse, sexually transmitted infections or pregnancy terminations. “(We) added one more file, abortions.csv,” the anonymous hackers wrote before detailing their ransom demand. “It’s 10 million US dollars. We can make a discount (…) 1 dollar = 1 customer”, they specify on this forum. The insurance company has so far refused to pay the hackers.