‘Case closed’: Medibank hackers release massive data file

The criminals who stole information on Medibank Private’s entire customer base have released a massive data file overnight that it says contains more sensitive customer data, but they have also hinted that this could be the last as Australia’s largest private health insurer continues to refuse to pay a $US10 million ($15 million) ransom.

In the early hours of this morning, the hackers made an update to the dark web blog that has been used to release information saying: “Happy Cyber Security Day!!! Added folder full. Case closed.”

A file called “Full” that is more than 6GB, much larger than any of the previous releases, was added to one of the mirror sites and there was no further information.

It is the first release of data in more than a week with the dark web blog site offline for most of last week.

The hackers have drip-fed sensitive health information about Medibank customers on the dark web in an attempt to pressure the company into paying a ransom, which the insurer has refused to pay.

The hackers accessed the health claims data for about 160,000 Medibank customers, 300,000 ahm customers and 20,000 international customers.

Medibank later confirmed to this publication that the customers of its budget ahm brand have been the only policyholders whose private health data has been released by hackers who stole information on its entire customer base in October.

It also said that a substantial amount of the information the hackers released has been wrong, suggesting the cyber criminals have had a tough time properly extracting information from the stolen data.

More to come