The rest of the customer data stolen in the Medibank ransomware attack appears to have been published online.

REvil, the group behind the Australian Medicare hack, posted an update on their blog earlier this week, declaring "Happy Cybersecurity Day! Complete added case. Case closed," reported TechCrunch.

Since publication, the blog has been unavailable, making it impossible to independently confirm the authenticity of the posted files. However, Medibank said the folder housed six raw data files, compressed into one file. A total of six gigabytes of data were released, making it the largest Medibank leak to date.

No financial data was taken

He said he was analyzing the published data, but added that it "appears to be the data we think the criminal stole."

"While our investigation continues, there are currently no signs that financial or bank details have been taken. And stolen personal data, by itself, is not enough to enable financial and identity fraud. The raw data we have analyzed so far is incomplete." and difficult to understand,” Medibank said in an update.

The company concluded that it expects REvil to continue posting files to the dark web, despite the group's claims that everything has already been leaked.

Medibank fell victim to a ransomware attack in late October 2022 by REvil, a group with alleged ties to the Russian government.

Following the initial investigation, information on 9,7 million customers was said to have been extracted from the company's terminals (opens in a new tab), along with health claims data on half a million more.

The company's CEO, David Koczkar, later clarified via LinkedIn what kind of data was taken: "The criminal did not access credit card or bank details or health claims details for additional services. ", said.

It would later turn out that REvil got hold of clients' names, dates of birth, passport numbers, medical claims information, and confidential files related to abortions and alcohol-related illnesses. He also demanded €9,7 million in ransom, one dollar for each client.

Via: TechCrunch (Opens in a new tab)

Share This