fbpx
FedEx Establishes Direct Presence in Nigeria to Support Customers with International TradeRead more Open Society Foundations (OSF) Award $1.1 Million Grant to Afrobarometer to Spur Future GrowthRead more The annual Global Impact Conference 2022 brings together visionary business leaders to revolutionize educational systems and inspire collaborative actionRead more APO Group announces content partnership with Pan-African broadcaster VoxAfricaRead more MainOne, an Equinix Company’s MDXi Appolonia Achieves Tier III Constructed Facility certification (TCCF), Now Most Certified Data Center in GhanaRead more United Nations High Commissioner for Refugees (UNHCR) warns rising tide of hunger, insecurity, and underfunding worsening gender-based violence risksRead more The Royal Thai Embassy presents the cultures of Thailand at the Association of Southeast Asian Nations (ASEAN) Festival in KenyaRead more Climate change is the biggest global threat, young people in Africa and Europe tell European Investment Bank (EIB), Debating Africa and Debating EuropeRead more $2 million in prizes awarded at Conference of the Parties (COP27) to African youth-led businessesRead more Africa and Europe’s top business and public sector leaders gather to chart Africa’s economic rebirthRead more

Hackers leak Australian health records on dark web

show caption
Hackers have begun leaking sensitive medical records stolen from Australian health insurer Medibank, whose customers include the prime minister./AFP
Print Friendly and PDF

Nov 09, 2022 - 09:33 AM

SYDNEY, AUSTRALIA — Hackers have followed through on a threat to leak sensitive medical records stolen from a major Australian health company that counts the country’s prime minister among nearly 10 million customers.

Medibank told investors that a “sample” selection of customer data was posted on a “dark web forum” on Wednesday after it refused to pay a ransom demand.

The data included names, birth dates, passport numbers and information on medical claims for hundreds of customers who were separated into “naughty” and “nice” lists.

Some on the “naughty” list had numeric codes that appeared to link them to drug addiction, alcohol abuse and HIV infection.

For example, one record carried an entry that read: “p_diag: F122”.

F122 corresponds with “cannabis dependence” under the International Classification of Diseases, published by the World Health Organization.

Medibank is Australia’s largest private health insurer and the hack is likely to include some of the country’s most influential and wealthy individuals.

Prime Minister Anthony Albanese said he himself was a Medibank customer and that the attack was a “wake-up call” for corporate Australia.

Potential Russian link 

The perpetrator of the hack has not yet been publicly identified.

But the Australian Federal Police’s Justine Gough said it was the work of a “criminal or criminal groups” that could be operating outside the country.

Sanjay Jha, chief scientist at the University of New South Wales’s Institute for Cyber Security, said it was difficult to attribute any attack to a single group.

However, he told AFP it carried some of the hallmarks associated with a Russian hacker group called REvil — which has previously targeted everything from Brazilian meat company JBS to Lady Gaga.

“The pattern matches the behaviour in parts. So that is why there is a serious indication it could be them selling the data,” Jha said.

A defunct REvil website has been redirecting traffic to the dark web forum where the Medibank data was leaked.

REvil — an amalgam of ransomware and evil — was the subject of a US$10 million reward from US authorities before being reportedly dismantled by Russia this year.

JBS Foods, one of the largest beef producers in the world, paid REvil a ransom of US$11 million in 2021.

Jha said the hackers could now look to sell the sensitive data to blackmailers and other scammers.

‘Scumbags’ and ‘crooks’ 

The hackers also uploaded what they said were a series of messages sent to Medibank in the days before the leak.

“We will do everything in our power to inflict as much damage as possible for you, both financial and reputational,” one message from the hackers read.

Hundreds of millions of US dollars have been wiped off Medibank’s market value, with the company’s share price down more than 20 percent since October, when news of the leak first emerged.

Troy Hunt, a cyber security expert working for Microsoft, wrote on Twitter that the breach was “about as bad as we feared it would get”.

The Medibank hack followed an attack on telecom company Optus in September that exposed the personal information of some nine million Australians.

Jha said the enormous Medibank and Optus data breaches could make it easier to carry out cyber attacks on different systems in the future.

“A lot of credentials have been stolen in recent months,” he said. “That makes the job of attackers easier — they can go and try other systems with millions of credentials.”

Australia’s assistant treasurer Stephen Jones said the perpetrators were “scumbags” and “crooks”.

“We shouldn’t be giving in to these fraudsters,” he told local media.

As Medibank tried to contain the leak, it was also staring down the barrel of a potentially costly class action lawsuit.

MAORANDCITIES.COM uses both Facebook and Disqus comment systems to make it easier for you to contribute. We encourage all readers to share their views on our articles and blog posts. All comments should be relevant to the topic. By posting, you agree to our Privacy Policy. We are committed to maintaining a lively but civil forum for discussion, so we ask you to avoid personal attacks, name-calling, foul language or other inappropriate behavior. Please keep your comments relevant and respectful. By leaving the ‘Post to Facebook’ box selected – when using Facebook comment system – your comment will be published to your Facebook profile in addition to the space below. If you encounter a comment that is abusive, click the “X” in the upper right corner of the Facebook comment box to report spam or abuse. You can also email us.