Hackers demand $10M on the biggest Aussie healthcare service company

A major Australian health care company was held hostage by hackers which demanded $10M to stop the exposure of the medical records of millions of its clients.

Medibank confirmed that hackers had gained access to information belonging to its 9.7 million current and former clients which included Australia’s current Prime Minister Anthony Albanese.

Suspected hackers had a small sample of the medical records posted which featured an alleged “naughty list” of names that appeared to have undergone treatment for drug addiction, alcohol abuse and HIV.

It also confirmed an “additional file” which is believed to contain customer data had been uploaded to a “dark web” forum. The hackers also used the same forum to detail their ransom demand.

“Society asks us about ransom, it’s 10 million USD,” wrote the anonymous hackers posted on the said forum. It also wrote another message, allegedly offering a discount “We can make discount.. $1 = 1 customer.” it added but Medibank has repeatedly refused to heed to the hacker’s demand. .

According to Medibank’s chief executive David Koczkar “The release of this stolen data on the dark web is disgraceful. “The weaponization of people’s private information in an effort to extort payment is malicious and it is an attack on the most vulnerable members of our community” he added.

Australia’s Home Affairs minister Clare O’Neil has described the hackers as “scummy criminals”. She said that “I cannot articulate the disgust I have for the scumbags who are at the heart of this criminal act”.

Medibank is reportedly the largest private health insurer in Australia. The hack is likely to include some of the country’s most influential and wealthy individuals.

Previously, the alleged hackers had also threatened to sell the data of at least 1,000 high-profile Australians if the healthcare service company did not pay an undisclosed ransom.

The alleged “sample” selection of Medibank’s customer data had been posted to the dark web. Data included the names, birth dates, passport numbers and information on medical claims for hundreds of Medibank customers.