"Deplorable": Medibank hacker announces ransom demands
As more sensitive health data has been posted on the dark web, the Medibank hacker has shared their ransom demands for the information to be returned safely.
Along with the unlawful release of the information, the hacker stated, "Society ask us about ransom, it's a 10 millions (sic) usd. We can make discount 9.7m 1$=1 customer."
At current rates, US$9.7 million is worth $15.07 million.
The alleged hacker, also posted: "Medibanks (sic) CEO stated, that ransom amount is 'irrelevant'. We want to inform the customers, that He refuses to pay for yours data more, like 1 USD per person. So, probably customers data and extra efforts don't cost that."
Following the release of 200 users' personal health data yesterday, the hacker has today posted an additional file of information allegedly obtained in the hack.
While the file is titled "abortions", it is understood that the diagnostic code listed in the file against the names of over 300 Australian men and women actually refers to an admission for "Supervision of high risk pregnancy, unspecified, first trimester", according to 9News.
Medibank CEO David Koczkar has called the latest health data release as "deplorable", while assuring customers they are working to secure their information.
He said, "The release of this stolen data on the dark web is disgraceful."
"We take the responsibility to secure our customer data seriously and we again unreservedly apologise to our customers.
"We remain committed to fully and transparently communicating with customers and we will be contacting customers whose data has been released on the dark web.
"The weaponisation of people's private information in an effort to extort payment is malicious, and it is an attack on the most vulnerable members of our community.
"These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care."
With so much information already leaked, there is a high risk of scams and individual ransom demands to come for the 500 or so Australians whose personal data has already been published.
Those customers should be on high alert for scammers.
Medibank has yet to reach out to the 500,000 customers whose health data is in jeopardy, to advise them whether more information has been lost to the scammers.
Image credits: Getty Images