
Australia’s Medibank Ransomware Attack

Australia’s largest Medical Insurer Medibank defends decision to not pay hackers ransom for stolen health data as it contacts 480,000 customers

By Nassim Khadem and Daniel Ziffer – ABC News Australia

Medibank’s boss says the company will begin directly communicating with nearly half a million customers whose health data is believed to have been stolen, weeks after it first became aware hackers had breached its customer database.

Medibank’s chief executive David Koczkar said the company had started on Wednesday communicating with about 480,000 customers whose health data was believed to have been stolen.

“We commenced this as soon as this data was verified by our team,” he said.

“This ongoing work continues and requires our people to analyse millions of records across numerous applications and match customer data from multiple sources.

“And for our customers whose health data has been published on the dark web, we’ve prioritised those communications, advising them as quickly as we can that their health data has been published, within 48 hours of this data appearing.”

Mr Koczkar received a $2.3 million bonus after shareholders accepted it at the company’s annual general meeting on Wednesday.

The value of Medibank shares has plummeted 18 per cent in the past month, as the costs of dealing with the cyber attack escalate and the threat of expensive class actions looms.

Medibank chairman Mike Wilkins defended the company’s call to not pay a ransom to the Russian hackers who stole millions of customers’ personal data.

“From the outset, Medibank has been committed to doing the right thing by our customers, our people and the community in relation to this cybercrime,” he said. “This includes our decision not to pay any ransom demand for this data theft.

“In fact, the advice we have had is that to pay a ransom could have had the opposite effect and encouraged the criminal to directly extort our customers, and put more people in harm’s way by making Australia a bigger target.

“It is for these reasons we could not pay.”

He said the company’s decision to not pay ransom was “consistent with the position of the Australian government” and that Medibank had already commissioned an external review.

That review, being undertaken by Deloitte, would “ensure that we learn from this cyber attack and continue to strengthen our ability to safeguard our customers,” he told shareholders.

Mr Koczkar warned that criminals may continue to release files on the dark web. “We share the prime minister’s and the AFP’s call to all media and social media platforms to protect the community by not posting or publishing this information,” he said. “While we understand the public interest, reporting details of this crime only feeds the criminal’s need for notoriety.”

He also defended the company’s decision to not pay hackers ransom. “The weaponising of the private data of many Australians – our customers – is malicious,” he said. “We are steadfast in our resolve to not reward this criminal behaviour, nor to strengthen a business model that is based on extortion.”
