After being denied the ransom, the hackers behind Medibank insurance have leaked the entire stolen data on the dark web.
Analyzing the dump, Medibank said there’s no financial or banking data involved in this leak, but the health data of over 9.7 million people have been exposed. Yet, they downplayed this by saying the leaked records are not matching up with the customer data and contact details, thus making it hard to make any malicious moves.
Medibank Data Leak
In October this year, the Australian insurance giant Medibank disclosed a data breach affecting millions of it’s customers. While demanding ransom, the hackers behind the breach have started leaking stolen data in batches.
This didn’t shiver Medibank, which outrightly denied cooperating with the hackers and let the data leak flow. Finally, the perpetrators have dumped the whole database today, which contained the PII and health records of over 9.7 million current and former Medibank customers.
Some of these include the data belonging to their authorized representatives, while 1.8 million of them were the company’s international customers. While the leaked data is sensitive enough to launch targeted cyberattacks, Medibank started downplaying the risks – claiming that the dumped data isn’t enough for proper identity or financial fraud.
After analyzing the leaked health data, the company said it doesn’t match up with relevant customer and contact details, thus making it harder to launch attacks. Further, it’s incomplete and difficult to understand. While all these are convincing, Australia’s Attorney-General Mark Dreyfus said the government “agencies” were looking into the leaked data and may come up with more facts soon.
Australia has recently passed legislation to increase the financial penalties for breached companies to a maximum of AU$50 million ($32.34 million) from it’s previous AU$2.22 million. This, or three times the value of any benefit obtained through the data misuse, or 30% of the company’s adjusted turnover in the relevant period – whichever is greater. This could put all other current companies in check and ramp up their data security practices.
Other Trending News:- News
