On Thursday, hackers posted much more private information about clients and requested US$10 million to halt disclosing highly sensitive documents that they had stolen from a significant Australian healthcare organization.
The data of 9.7 million current and previous clients, including Prime Minister Anthony Albanese, was obtained by hackers, according to Medibank, the largest private health insurer in Australia.
On Thursday, the hackers posted a second set of files to a dark website that contained more private information about hundreds more Medibank clients.
The initial releases appear to have been chosen to do the greatest amount of harm by focusing on those who had undergone treatment for drug misuse, STDs, or miscarriages.
Before revealing their ransom demand, the unidentified hackers said on the forum, “Added one more file abortions.csv.”
“Society asks us about ransom, it’s 10 million USD. We can make a discount… $1 = 1 customer.”
The ransom has been declined by Medibank on numerous occasions.
The Medibank theft and a previous data breach at telecom giant Optus that affected nine million customers have cast doubt on Australia’s capacity to thwart cybercriminals.
The Medibank breach is likely to have exposed information on some of the most powerful and richest people in the nation.
The gang responsible for the hack seems to be exerting pressure on Medibank by searching the records for the most vulnerable personal data.
“Naughty” and “nice” lists were created for the initial records that were posted to the forum on the dark web.
Some of the people on the “naughty” list had numerical codes that seemed to connect them to HIV infection, alcoholism, and drug addiction.
One record, for instance, contained the following entry: “p diag: F122.”
According to the World Health Organization’s International Classification of Diseases, F122 is the same as “cannabis dependence.”
The data also includes names, residences, passport numbers, and dates of birth.