Medibank's alleged attackers threaten data release, extortion

By on
Medibank's alleged attackers threaten data release, extortion

Insurer enters trading halt.

Medibank has entered a trading halt after being contacted by a group claiming to have copied customer data.

The Sydney Morning Herald yesterday reported it had heard from the alleged attackers, who were threatening to release patient data from a “200 gigabyte” haul.

The threats included selling the data, or releasing information like diagnoses about the most prominent people found in the database.

In an market disclosure late yesterday, the health insurer said it was “a new development” that will “cause concerns for customers”.

“Medibank is working urgently to establish if the claim is true, although based on our ongoing forensic investigation we are treating the matter seriously at this time”, the announcement stated [pdf].

“Medibank systems have not been encrypted by ransomware, which means usual activities for customers continue."

When it first detected attackers’ traffic on its network, Medibank said it did not believe the attackers had obtained customer data.

Earlier this week, it maintained that position, saying it detected activity regarded as a precursor to its attack.

The trading halt, Medibank explained, is required so it can meet its continuous disclosure obligations, and will continue until further notice.

“We continue to work with specialised cyber security firms and have advised the Australian Cyber Security Centre (ACSC),” the statement continued.

“Our ongoing response to safeguard our networks and systems may cause necessary temporary disruptions to our services.”

Medibank CEO David Koczkar said: “I apologise and understand this latest distressing update will concern our customers.”

Update: Speaking to the ABC’s AM radio program this morning, cyber security minister Clare O’Neil said the Australian Signals Directorate has been “intimately involved” in assisting Medibank.

She added that “last night, this matter was referred to the Australian Federal Police, and an … investigation has been stood up.

“So Medibank are now working closely with the Australian Signals Directorate and the Australian Federal Police to try to manage the situation.”

 

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
data breachmedibanksecurity

Sponsored Whitepapers

Responding To Industry Trends And Our 5m+ Users
Responding To Industry Trends And Our 5m+ Users
The Future of Digital Identity in Government
The Future of Digital Identity in Government
Secure Public Services for Every Australian
Secure Public Services for Every Australian
7½ Questions for Aged Care's Digital Decisions
7½ Questions for Aged Care's Digital Decisions
Creating the Sustainable IT Department
Creating the Sustainable IT Department

Most Read Articles

Australia appoints first cyber security coordinator

Australia appoints first cyber security coordinator
Apple rushes out patches for exploited zero day bugs

Apple rushes out patches for exploited zero day bugs
Perpetual 'extended outage' caused by security incident at third-party

Perpetual 'extended outage' caused by security incident at third-party
Exploit emerges for Cisco VPN client vulnerability

Exploit emerges for Cisco VPN client vulnerability

Digital Nation

COVER STORY: The opportunities and risks of cybersecurity insurance in Australia
COVER STORY: The opportunities and risks of cybersecurity insurance in Australia
How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX
More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data
DeepAI founder on the risks of artificial intelligence
DeepAI founder on the risks of artificial intelligence
Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding

Log In

  |  Forgot your password?