Australian health records stolen, hackers demand $10 million 

Hackers circulating medical records stolen from a prominent Australian healthcare company said Thursday. The hacker’s group is demanding $10 million to make it stop, about a dollar for each of their potential sufferers.


The country’s worst cyberattack in Australia has breached the medical records of Australians and to stop leaking the medical records, the cyber extortionist demanded $10 million.

Medibank, Australia’s largest private health insurer, is caught up in one of the country's worst cyberattacks
Medibank, Australia’s largest private health insurer, is caught up in one of the country’s worst cyberattacks (source: Reuters)

On Thursday morning, a message was posted on the dark web, where a hacker said it was demanding $1 for each customer from Medibank, which is Australia’s largest Private health insurer. In the cyber attack, 9.7 million customers including Prime Minister Anthony Albanese were affected by a data breach last month.


Medibank CEO David Koczkar said in a statement the leak was “designed to harm our customers and cause distress” and repeated an earlier apology to customers over the cyberattack.


“We remain committed to fully and transparently communicating with customers and we will be contacting customers whose data has been released on the dark web,” Koczkar said.


The hackers also posted some information affirming to link clients to their abortions, after earlier this week they released a “naughty list” that showed customers who receive mental health issues, HIV, and addiction treatment.

The dark web forum is being used to post the hacked data to crime group REvil according to local media which Russian authorities claimed that they shut down the group earlier this year at the plea of the US. 


“The weaponization of people’s private information in an effort to extort payment is malicious, and it is an attack on the most vulnerable members of our community.”

Medibank refused to pay the hefty amount to hackers after asking advice from cybercrime experts that doing so will not guarantee the return of customers’ information and could put “more people in danger by making Australia a bigger target”.


The federal police of Australia are investigating the cyberattacks and warned that downloading and accessing the data could lead to forbidden offenses.


Home Affairs Minister Clare O’Neil has described the hackers as “scummy criminals”.

“I cannot articulate the disgust I have for the scumbags who are at the heart of this criminal act,” O’Neil told parliament on Wednesday.

The attack first came to light last month and it is the largest data breach in the country lately. 


Also in September, Optus Australia’s second-largest telecom provider announced that they had a cyber-attack where the data have been compromised of about 10 million customers.