(Very) bad news for millions of people. Medibank, Australia’s largest health insurance provider, was the victim of a massive cyber attack in October. Initially, the number of victims was estimated at 4 million. But it is ultimately 10 million customers who would be affected, according to information from Bloomberg disclosed by BFM Tech on Monday.
According to Medibank, the hackers have stolen the customers’ personal data such as their first and last name, their date of birth, their e-mail and postal address but also their telephone number. Certain Medicare numbers, which correspond to Social Security numbers, are also among the stolen files. Like passport numbers of foreign students and information about the customers of the insurance company’s subsidiaries.
The number of victims may still rise
According to information from Bloomberg, a ransom was demanded from Medibank, which however refused to pay. “Based on advice we received from cybercrime experts, payment of ransom does not guarantee us 100% recovery of our customers’ data or prevent it from being published. In fact, payment could even have the opposite effect and encourage criminals to blackmail our customers directly; so there is a good chance that payment will have a negative impact on a larger number of people,” reasoned David Koczkar, CEO of the Medibank Group.
The extent of the damage caused by this massive cyber attack has yet to be fully determined. The number of victims may still grow. An internal audit will make it possible to take stock.