Medibank Hackers Upload 200gb of Customer Files

On the morning of Thursday December 1st 2022, the hackers behind the Medibank cyberattack uploaded a blog post that included a 5gb folder of compressed files. The post stated: “Happy Cyber Security Day!!! Added folder full. Case closed.”

The hackers had previously claimed to have extracted a total of 200gb of customer data from Medibank's systems and then compressed it. A spokesperson for Medibank has stated that this uploaded folder may indeed contain the full extent of hacked customer data:

“While our investigation continues there are currently no signs that financial or banking data has been taken... And the personal data stolen, in itself, is not sufficient to enable identity and financial fraud. The raw data we have analysed today so far is incomplete and hard to understand.”

This marks the first data drop in over a week following Medibank's refusal to pay the hacker group a $US10 million ransom. The original breach included files relating to nearly 10 million current and former Medibank customers. These files exposed customer names, addresses, dates of birth, email addresses and phone numbers.


The Australian Federal Police (AFP) have stated they believe the hacking group is based in Russia and is connected to the REvil ransomware group. The AFP are also seeking assistance from Russian authorities to help track down the hackers and are investigating where the breached data may have been shared online in an attempt to protect customers from being exploited. In November it was announced that consulting firm Deloitte would begin an external review of Medibank.


Law firm Maurice Blackburn has also launched an investigation into Medibank regarding the breach and has lodged a formal complaint with the information commissioner. This action may lead to Medibank being ordered to compensate customers affected by the hack.


Medibank has boosted its call centre staff with an extra 300 employees and has extended trading hours. Two-factor authentication for customers has also been introduced.
