Australia’s Medibank Private Ltd continues to refuse to pay a ransom of an undisclosed amount to cybercriminals, despite the hackers’ purported threats to expose the stolen data on the dark web.
As Australia’s largest health insurer faces a potential class action after 9.7 million current and past clients’ data was compromised, a ransomware group has threatened to disclose Medibank customer data.
The ransomware group announced on their darknet blog around midnight that:
“Data will be published in 24 hours”.
“P.S. I recommend selling Medibank stocks.”
The post did not, however, provide data samples to support its threat.
An increase in cyber security issues has been observed in Australia recently; according to a government assessment, an attack occurs every seven minutes. Since September, as many as eight businesses have disclosed cyber security breaches.
Now, the most recent threat was published on a website connected to the REvil Russian ransomware group. Although it was thought that the group’s website had been taken down in October of last year, it was later discovered to be related to the site where the Medibank threat had been published.
The post also links to a comedy film about the Medibank data breach by ABC comedian Mark Humphries, which is consistent with their style. Threat expert Brett Callow told Guardian Australia that REvil was brazen and frequently ridiculed its victims.
According to David Koczar, Medibank chief executive, Customers need to be cautious. Although they were aware that the criminal could publish data online, their customers are nevertheless alarmed by the threat made by the cybercriminal.
In addition, he claimed that by providing criminals with an incentive, paying a ransom may make Australia “a bigger target” for data theft. So, based on the in-depth counsel they have gotten from cybercrime specialists, they think there is only a slim chance paying a ransom would secure the recovery of their customers’ data and stop it from being released.
Clare O’Neil, the home affairs minister, also claimed that Medibank followed government instructions when it decided not to pay a ransom to cybercriminals.
“Making any payment would increase the risk of extortion for our customers, and put more Australians at risk” said Koczar