A major Australian health insurance company has become the target of a hacker attack. According to police sources, a Russian network is behind it. Reece Kershaw, spokesman for the Australian National Police, said: “Our findings points to a group of loosely connected cybercriminals who are likely behind other massive security breaches in countries around the world.” Further, he stated, “Millions of Australians were likely affected by the hacking attack. This cyberattack is an unacceptable attack on Australia and deserves a response commensurate with the malicious and far-reaching consequences this crime causes.” What happened? The hackers broke into the database of the insurance company Medibank a few weeks ago and had stolen very sensitive data of millions of customers. With this data, they tried to blackmail the company. Medibank refused to pay the ransom, after consulting with cybercrime experts. Meanwhile, sensitive data of customers has been published on the darknet. It was reported that data of alcoholics and women who had abortions were exposed.
The group wrote about it: “We warned you. We always keep our word if we don’t get a ransom - we publish this data because otherwise no one will believe us in the future.” It had demanded one U.S. dollar per customer, which, with 9.7 million customers, corresponds to a sum of 9.7 million U.S. dollars, or 9.5 million euros. Medibank had said that the company would not pay a ransom under any circumstances, as even then it is not certain that no data will be published. Furthermore, the company does not want to encourage other criminals to commit similar acts, told the Medibank CEO David Koczkar.
Once again, it shows that criminals do not stop at the nature and sensitivity of data to achieve their goals and even large companies, regardless of the industry, are not safe from such attacks.