Health Insurance Breached in Massive Hack
Following the Sydney Morning Herald news report, hackers claim they’ve seized data from a well-known Australian health insurance firm. As of now, they threaten to reveal the confidential medical info of high-profile and otherwise celebrated Australian figures unless a hefty ransom is paid.
The hackers remain unidentifiable at this time, yet claim to possess more than 200 gigabytes of stolen data from a private health insurer, Medibank. While Medibank’s customer base is a meager 3.9 million in the face of 25 million people, these people are still part of the nation’s 1%, which, according to the Herald, the hackers might have access to the credit card and banking information of some very famous Australians.
Despite the incoherence of the ransom statement’s English – it’s evident that these hackers believe scaring these high profile Australian citizens is the ultimate shock factor in ensuring the ransom is paid.
The statement to Medibank, which also owns the AHM health insurance brand, includes explicit threats to expose private media information about politicians, actresses, bloggers, and even popular LGBT activists.
Medibank has yet to reveal the number of funds the hackers requested.
Ironically enough, Medibank acknowledged the hack on October 13th, yet confidently assured the public that no sensitive client data had been breached.
A Twitter user highlighted at the time, that AHH used Adobe Experience Manager to maintain its dealings – indicating that it could be the weak spot that the hackers exploited to obtain sensitive data. While this claim hasn’t been debunked or even addressed by Medibank, the firm must be shaking in their boots now, unable to hide the gravity of the situation any longer.
Medibank has denied requests for comments on the matter, however, the firm has since released a notice to its shareholders. This signals that the hackers did make contact and that the company has since notified the Australian Cyber Security Centre.
Despite its wealth, Australia seems to have one of the worst records of private data breaches – and even more deplorable damage control and recovery methods – in the world. The nation’s second largest telecom, Opt us, was even found to be illegally storing sensitive customer information, such as driver’s license, on publicly visible API, just last month.
This is why research analysts can agree, with educated confidence, that Medibank will not be the last of its nature reported in Australia for years to come, as the country struggles to catch up with the rest of the world in terms of cybersecurity.