The major health insurer in Australia, Medibank Private Ltd (MPL.AX), revealed on Wednesday that the hacker may leak additional stolen data if the company continues to refuse to pay the demanded ransom.
Prime Minister Anthony Albanese acknowledged that he is one of the millions of Australian Medibank customers who may have been impacted by the most recent cyberattack, but he supported the insurer's refusal to pay a ransom.
"For some, this is incredibly difficult. It will worry me that part of this information has been made public as I am also a Medibank Private customer," said Albanese.
According to Medibank, additional Australian customers' private medical information will likely be posted on the dark web as the perpetrators of the most recent cyberattack try to put more pressure on the insurance.
A sample of customer information, which included names, addresses, dates of birth, phone numbers, and email addresses, was discovered to have been placed online on the dark web this morning. In other instances, the passport numbers of foreign students who had registered with Medibank Group's partner company ahm were also made public.
If a hacker gained access to the prime minister's personal or medical information, it is not immediately evident. According to Medibank, information on 9.7 million of both current and former clients was exposed.
Federal Cyber Security Minister Clare O'Neil stated in a statement on Wednesday that Medibank's decision to forego paying a ransom is in line with the government's recommendation. Customers that were affected were encouraged to be extremely vigilant against extortion attempts. On Wednesday, Medibank Chief Executive David Koczkar called the occurrence 'a criminal crime.'
Since September, there has been an increase in cyberattacks in Australia, with at least eight businesses reporting intrusions, including the telecom company Optus, which is owned by Singapore Telecommunications (STEL.SI).