The Australian Federal Police are assisting Medibank to contain the fallout after data pertaining to over 480,000 customers was hacked. There is emerging evidence that sensitive health data leaked by cyber criminals is becoming more publicly available.
The hackers have been linked to REvil, a ransomware gang with strong Russian links, likely responsible for past significant breaches in countries across the world.
Medibank chairman Mike Wilkins has defended the company’s decision not to pay a ransom to the Russian-based hackers.
“From the outset, Medibank has been committed to doing the right thing by our customers, our people and the community in relation to this cybercrime,” he said.
“This includes our decision not to pay any ransom demand for this data theft. Based on extensive advice from cybercrime experts, we formed the view that there was a limited chance paying a ransom would ensure the return of our customers’ data and prevent it from being published.
He said it was “a despicable act by the criminal seeking to extort payment”.
It is understood that the criminals may continue to release stolen customer data on the dark web. The hackers also stole data on Medibank employees, including mobile and work device numbers, which potentially opens up new vulnerabilities for its computer systems.
If you would like to discuss how best to protect your business from cyber-attacks, please contact us.