Select Page

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom.

“We are in the process of analysing the data, but the data released appears to be the data we believed the criminal stole,” the Australian health insurer said.

“While our investigation continues there are currently no signs that financial or banking data has been taken. And the personal data stolen, in itself, is not sufficient to enable identity and financial fraud. The raw data we have analysed today so far is incomplete and hard to understand.”

The leak comes almost a month after the company acknowledged that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident in October 2022.

This includes 5.1 million Medibank customers, 2.8 million ahm customers, and 1.8 million international customers. Also accessed were health claims for about 160,000 Medibank customers, 300,000 ahm customers, and 20,000 international customers.

images from Hacker News