Security News > 2022 > December > Hackers Leak Another Set of Medibank Customer Data on the Dark Web

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom.

"We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said.

"While our investigation continues there are currently no signs that financial or banking data has been taken. And the personal data stolen, in itself, is not sufficient to enable identity and financial fraud. The raw data we have analyzed today so far is incomplete and hard to understand."

The leak comes almost a month after the company acknowledged that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident in October 2022.

The latest dataset, which has been uploaded in the form of six ZIP archive files, includes health claim information, although Medibank noted much of the data is fragmented and that it's not combined with customer names and contact details.

The mega breaches have also prompted the Australian government to pass new legislation that can result in companies facing up to AU$50 million in fines for repeated or serious data breaches.

News URL

http://thehackernews.com/2022/12/hackers-leak-another-set-of-medibank.html