Abortions exposed among Australian health insurer customers

Nov 9, 2022, 6:58 AM | Updated: 11:46 pm
FILE - A man walks past a Medibank branch in Sydney on Oct. 26, 2022. Extortionists have dumped sto...

FILE - A man walks past a Medibank branch in Sydney on Oct. 26, 2022. Extortionists have dumped stolen Medibank client records relating medical procedures on the dark web on Thursday, Nov. 10, 2022, in an effort to pressure Australia's largest health insurer to pay a ransom. (AP Photo/Rick Rycroft, FILE)

(AP Photo/Rick Rycroft, FILE)

CANBERRA, Australia (AP) — Extortionists dumped stolen client records relating to pregnancy terminations on the dark web on Thursday in their latest effort to pressure Australia’s largest health insurer to pay a ransom.

The cybercriminals began dumping customer records on Wednesday including treatments for HIV and drug addiction after Medibank this week ruled out paying a ransom for the return of the hacked data.

The criminals, who used the name “Extortion Gang,” on Thursday posted that they had demanded $9.7 million — $1 for the records of each of the 9.7 million current and former Medibank customers that were stolen.

Most concerning was the theft of health claims for almost 500,000 customers that include diagnoses and treatments.

Medibank CEO David Koczkar condemned the release of Thursday’s tranche of data as “disgraceful.”

“The weaponization of people’s private information in an effort to extort payment is malicious, and it is an attack on the most vulnerable members of our community,” Koczkar said in a statement.

Cybersecurity Minister Clare O’Neil described the targeting of women who had terminated pregnancies as “morally reprehensible.”

“Yesterday, I indicated to the Parliament that the consequences of the Medibank hack were likely to get worse, and today those fears have been realized,” O’Neil told Parliament.

“And I want to say, particularly to the women whose private health information has been compromised overnight, as the minister for cybersecurity but, more importantly, as a woman, this should not have happened,” she added.

Medibank and government services were standing ready to support all customers in need even if a “large data dump occurs,” O’Neil said.

The extortionists have warned that the dumps will continue daily.

Cybersecurity expert and Medibank customer Nigel Phair spoke of his frustration at not knowing how much of his personal data had been stolen.

“You just don’t know what’s been lost of your own details: Is it your name, your date of birth, is it your address, is it everything and more?” Phair told Australian Broadcasting Corp.

Medibank had failed to adequately address basic risk management questions on what data was stored, where it was stored, who had access and how that data was accessed, Phair said.

“If they’d done that competently beforehand, and put appropriate controls (in place), this wouldn’t have happened,” Phair said.

The extortionists have been linked to high-profile Russian cybercrime gang REvil, short for Ransomware Evil and also known as Sodinokibi.

The Russian Federal Security Service said in January REvil “ceased to exist” after several arrests were made at the insistence of the United States.

Troy Hunt, founder of the “Have I been Pwned?” website, a service that enables users to check if their personal details have been exposed by data breaches, said it was unclear how REvil was involved.

An old REvil dark web site had started redirecting traffic to a new site that hosts the stolen Medibank data, Hunt said.

REvil could have rebranded as BlogXX, the name by which the Medibank hackers are becoming increasingly well known within cybersecurity circles, or former REvil operatives might have found a new home.

“The reality is, it’s a bit like any job — people come and go,” Hunt said.

Conversations between the hackers and Medibank that have been published with the data dumps show that the operation was initially intended to be a ransomware attack. That would have denied Medibank access to its own customer records and heightened pressure on finding a quick resolution.

But the hackers said they ran out of time to encrypt Medibank’s systems with ransomware so fell back on the plan to monetize the data that had already been stolen.

Copyright © The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

AP

concede...
Associated Press

GOP’s Joe Kent contests results of Washington state race

Republican Joe Kent's campaign said Friday it intends to request a machine ballot recount of the counties within southwest Washington state's 3rd Congressional District.
20 hours ago
Associated Press

Adultery a punishable offense in Indonesia’s criminal code

JAKARTA, Indonesia (AP) — Indonesia’s Parliament has passed a long-awaited and controversial revision of its penal code that criminalizes extramarital sex and applies to citizens and visiting foreigners alike. A parliamentary task force finalized the bill in November and lawmakers approved it Tuesday. A copy of the amended criminal code obtained by The Associated Press […]
20 hours ago
Gavel...
Associated Press

Case against man arrested in 1994 death of woman dismissed

Criminal charges against a man suspected in the 1994 murder of a Vancouver, Washington, woman have been dismissed.
20 hours ago
Protesters sing an anti-government song in front of a barricade of burning tires during a protest a...
Associated Press

US says it will expand, extend temporary status for Haitians

SAN DIEGO (AP) — The Biden administration said Monday that it would expand temporary legal status for Haitians already living in the United States, determining conditions in the Caribbean nation were too dangerous for their forced return. The Homeland Security Department said Haitians who were in the United States Nov. 6 could apply for Temporary […]
20 hours ago
FILE - A TV screen shows a file image of North Korea's military exercise during a news program at t...
Associated Press

N. Korea orders new artillery firings over South’s drills

SEOUL, South Korea (AP) — North Korea’s military says it has ordered frontline units to conduct artillery firings into the sea for the second consecutive day in a tit-for-tat response to South Korean live-fire drills in an inland border region. The statement by the North Korean People’s Army’s General Staff came a day after the […]
20 hours ago
Fans of Brazil cheer their team after the World Cup round of 16 soccer match between Brazil and Sou...
Associated Press

World Cup betting down in Las Vegas but higher than expected

LAS VEGAS (AP) — The World Cup may be the globe’s biggest sporting event, yet in the United States in the fall, it competes with a full sports betting calendar. Las Vegas sportsbook directors weren’t overly optimistic the betting would be higher than the 2018 World Cup, which was played in the more usual summer […]
20 hours ago

Sponsored Articles

Comcast Ready for Business Fund...
Ilona Lohrey | President and CEO, GSBA

GSBA is closing the disparity gap with Ready for Business Fund

GSBA, Comcast, and other partners are working to address disparities in access to financial resources with the Ready for Business fund.
SHIBA WA...

Medicare open enrollment is here and SHIBA can help!

The SHIBA program – part of the Office of the Insurance Commissioner – is ready to help with your Medicare open enrollment decisions.
Lake Washington Windows...

Choosing Best Windows for Your Home

Lake Washington Windows and Doors is a local window dealer offering the exclusive Leak Armor installation.
Anacortes Christmas Tree...

Come one, come all! Food, Drink, and Coastal Christmas – Anacortes has it all!

Come celebrate Anacortes’ 11th annual Bier on the Pier! Bier on the Pier takes place on October 7th and 8th and features local ciders, food trucks and live music - not to mention the beautiful views of the Guemes Channel and backdrop of downtown Anacortes.
Swedish Cyberknife Treatment...

The revolutionary treatment of Swedish CyberKnife provides better quality of life for majority of patients

There are a wide variety of treatments options available for men with prostate cancer. One of the most technologically advanced treatment options in the Pacific Northwest is Stereotactic Body Radiation Therapy using the CyberKnife platform at Swedish Medical Center.
Work at Zum Services...

Seattle Public Schools announces three-year contract with Zum

Seattle Public Schools just announced a three-year contract with a brand-new company to the Pacific Northwest to assist with their student transportation: Zum.
Abortions exposed among Australian health insurer customers