Medibank hack: What 9.7million customers need to do NOW
Australia’s Home Secretary has issued a list of urgent instructions to Medibank customers on the best ways to protect themselves from identity theft – after Russian hackers released the first batch of private data on the dark web.
The health insurance company confirmed nearly 500,000 health claims and a string of personal information was stolen when an unnamed group hacked into the health insurer’s system on Oct. 13.
However, approximately 9.7 million current and former customers are believed to have been affected, with Medibank confirming the entire system has been exposed.
Hundreds of names, addresses, birth dates and Medicare records were posted under a “good list” and “naughty list” on a hacker’s blog Wednesday morning.
In response to the breach, Home Secretary Clare O’Neil listed the actions Medibank Private and AHM customers should take.
Home Secretary Clare O’Neil has issued urgent instructions to Medibank customers on how to protect themselves – after Russian hackers released the data of millions on the dark web
Customers were asked to contact their insurance company and secure and monitor their devices and accounts for “unusual activity.”
They should also make sure that their devices have the latest security updates.
“Enable multi-factor authentication for all accounts,” the minister’s post reads.
“If you believe unauthorized activity has occurred in your Medicare account, please contact Services Australia.”
Customers have also been urged to visit Scamwatch to learn how to protect themselves online.
Those who suspect their data has been compromised are urged to call their bank and IDCARE at 1800 595 160.
It comes as the hackers released screenshots of their contact with Medibank.
The screenshots showed a response from Medibank – Australia’s largest health insurer – that read ‘Hello. We have received your message.
“We want to talk to you, but we need to make sure you’re the one who claims to have our records.
“Can you tell us all the addresses and phone numbers you’ve sent messages to?”
The hackers responded with ‘OK, we’ll see’.
The health insurance company previously confirmed that nearly 500,000 health claims were stolen by the hackers, along with personal information, when the unnamed group hacked into its system weeks ago.
In response to the breach, Home Secretary Clare O’Neil listed the actions Medibank Private and AHM customers should take
According to the screenshots, Medibank later replied, “After considering all options, we’ve decided we can’t afford your query.
“It is also the policy of the Australian government that no ransom should be paid. We understand the impact this can have.’
The scam calls to affected Medibank customers have already begun, with people being told they have an unpaid bill for a hospital procedure.
The hackers demanded a ransom to prevent them from releasing the data, but Medibank said earlier this week it would not pay as it would encourage further crime.
The hackers appeared to have revealed screenshots of private messages recently exchanged between themselves and representatives of Medibank
Shortly after midnight, the group posted the first lists, warning that it is about to drop even more, but they “need some time.”
“Looking back at the fact that data is stored in a not very understandable format (table dumps), we’ll take a moment to figure it out,” they said.
“We will partially continue to post data, we need some time to do it nicely.”
The group previously said it would release the personal information of Australian celebrities.
It is clear that the hackers have not been able to access credit card or bank details.
Medibank again apologized to past and present customers. It advised customers to be alert to phishing scams by phone, mail or email.
“We knew that the online publication of data by the criminal could be a possibility, but the threat from the criminals is still a troubling development for our customers,” CEO David Koczkar said on Tuesday.
He said he was “devastated” at customers, who “deserve privacy,” but said that if Medibank gave in to the criminals’ demands, Australia would become a target for more such attacks.
“This is an important decision for the company and we have had extensive expert advice and the reality of that advice is that there was a small chance that the ransom payment – you could call it extortion – it was very unlikely that they would give the customer would send back data,” said Mr Koczkar the Australian.
“Actually, you just can’t trust a criminal.”
Ms. O’Neil confirmed that Medibank’s decision not to pay ransom to cyber criminals was in line with government advice.
She said she has “no words to express the horror” she feels at the leakage of people’s personal data.
“The fact that personal health information is being held over their heads is just disgusting to me,” she said on Wednesday.
“It just shows us that these cybercriminals we’re fighting between the Five Eyes (Australia, Canada, New Zealand, UK, US) and other friends of partners around the world are just disgraceful people and we must stand up.” and do everything in their power to fight back against them.’
Timeline for hacking data from Medibank
October 13: Medibank has taken the data and policy systems of its budget provider AHM and its international student division offline after a ‘cyber incident’
14 October: Medibank said it had restored its systems and said it was “still responding” to the incident
19 October: The company disclosed to the Australian stock exchange that hackers had reached out to “negotiate” over 200 gigabytes of customer data stolen from Medibank’s systems.
26th of October: Medibank confirmed that the hackers behind the ‘devastating’ data breach managed to access all of its customers’ personal health records
October 27: It turned out that Medibank faced costs of up to $30 million after it was revealed it lacked insurance to protect itself from a cyber-attack
Nov 8: The hackers threatened to disclose the personal information of millions of Australians unless Medibank paid within 24 hours. The company refused to pay, saying: ‘You just can’t trust a criminal’
Nov 9: The ransomware group began posting customer data stolen from Australia’s largest health insurer on the dark web