Medibank Data Will Be Published In Next 24 Hours, Hackers Warn
The private medical records and personal details of close to 10 million Australians will be published online within the next 24 hours, according to warnings from the Russian hackers responsible for the breach.
Quoting noted cyberhacker Confucius, the hackers wrote:
“A man who has committed a mistake and doesn’t correct it is committing another mistake. – Confucius,”
“Data will be publish in 24 hours.
“PS. I recommend to sell Medibank stocks.”
This comes after Medibank publicly declared yesterday morning it would not be paying any ransom.
“Based on the extensive advice we have received from cybercrime experts we believe there is only a limited chance paying a ransom would ensure the return of our customers’ data and prevent it from being published,” explained Medibank CEO David Koczkar.
“In fact, paying could have the opposite effect and encourage the criminal to directly extort our customers, and there is a strong chance that paying puts more people in harm’s way by making Australia a bigger target.
“It is for these reasons we have decided we will not pay a ransom for this event,” he concluded.
Koczkar has doubled down on this stance, following the 24-hour threat.
“This is a significant decision for the business and we’ve had extensive expert advice and the reality of that advice is that there was a small chance that paying a ransom – you can call it extortion – that it was very unlikely they may return customer data,” Koczkar told The Australian.
“In fact, you just can’t trust a criminal. It’s more likely that this will put more of our customers at risk through increased extortion and actually make Australia a bigger target. That’s consistent with the government policy on paying ransom, so that’s why we’ve made the decision we have to not pay a ransom.”
Further to this, Koczkar responded to the threat on the Medibank site, writing:
“Customers should remain vigilant. We knew the publication of data online by the criminal could be a possibility, but the criminal’s threat is still a distressing development for our customers.
“The weaponisation of their private information is malicious, and it is an attack on the most vulnerable members of our community.”
The clock is ticking, and many Australians face a very anxious wait.