The criminals behind the Medibank Cyber Attack have released their largest and most damaging set of data in what looks like their final post on the hack.
Taking to their Dark Web forum, the Hackers posted a simple update:
Happy Cyber Security Day!!!
Added folder full. Case closed.Medibank Hacker
November 30th is “International Cyber Security Day” and with the hackers in Russia, this release occurred in the evening of November 30th.
A new folder “Full” was added to their file structure as noted
Inside that folder are six files
The file sizes are the biggest giveaway to the scale of this release.
Totalling almost 6,500Mb this is an enormous amount of data. For context, previous files containing hundreds of names were less than 1Mb in file-size.
EFTM can confirm the data contains the names, addresses, contact details and medical details of Australians and some International Students and while previous files have contained code names for health diagnosis, in many cases these appear to list conditions, and even short case notes relating to those conditions.
In the smallest file, just 4.2Mb, there are between 10,000 and 100,000 lines of information – affecting up to 100,000 customers.
EFTM has reached out to Medibank to confirm just how many are affected directly by this latest release.
It’s a huge blow to Medibank customers who have now gone many weeks without any data release, and for Medibank who likewise may have thought, like in the case of Optus, that the hackers would disappear and the data not surface.
With the data now on the Dark Web, it’s unfortunate that it will most likely begin circulating in the criminal underworld of the open web, including scammers and others looking to take advantage of these vulnerable customers.
As has always been the case, the best advice is to ignore any emails which suggest they hold your personal information and seek to either extort or blackmail you, or threaten you in any way.
Medibank can be contacted by customers for support including mental and wellbeing support and a range of identity protection services, though with so many affected today, it is likely the company will be overwhelmed by customer outreach.