- Cyber extortionists publish medical information purporting to show details of abortions and treatments for addiction and HIV.

A cyber extortionist has demanded nearly $10 million to stop leaking the medical records of Australians caught in one of the country’s worst cyber-attacks.
In a message posted on the dark web on Thursday morning, the hacker said he was demanding $1 from Medibank, Australia’s largest private health insurer, for every one of the 9.7 million customers affected in a huge data breach last month.
The cybercriminal organization also released information purporting to link clients to their abortions, after it earlier this week released a “naughty list” that appeared to show clients who received treatment for addiction, mental health issues, and HIV.
Local media have linked the dark web forum used to publish the hacked data to the criminal group REvil, which Russian authorities said they shut down earlier this year at the request of the United States.
Medibank CEO David Koczkar on Thursday condemned the hacker’s actions as “shameful” and reiterated an apology to customers.
“We remain committed to communicating fully and transparently with customers and will contact customers whose data has been published on the dark web,” Koczkar said.
“The militarization of people’s private information to extort payment is malicious, and it is an attack on the most vulnerable members of our community.”
Medibank has refused to pay the ransom, citing advice from cybercrime experts that doing so would not guarantee the return of customer information and could put “more people at risk by making Australia a bigger target.”
The Australian Federal Police, which is investigating the cyber-attack, has warned that downloading or even simply accessing the data could be a criminal offense.
Home Affairs Minister Clare O’Neil described the hackers as “scum criminals”.
“I can’t express the disgust I have for the bastards who are at the heart of this criminal act,” O’Neil told Parliament on Wednesday.
The cyber-attack, which first came to light last month, is the latest in a series of major data breaches rocking Australia.
Optus, Australia’s second-largest telecommunications provider, announced in September that the data of up to 10 million customers had been compromised in a cyber-attack against the company.
Source: AL JAZEERA AND NEWS AGENCIES
Stay Tuned with Us: