On Tuesday, Australian private insurer Medibank stated that a recent disclosed cyberattack affects more customers’ data than first believed. Days after hackers vowed to target celebrities, the announcement was made.
The cyberattack, which was discovered on October 12, was thought to be a precursor to a ransomware incident, but it was stopped before ransomware could be used, according to Medibank.
The business disclosed that it had been contacted by a threat actor who claimed to have taken about 200 terabytes of data during the cyberattack about a week later.
The organisation determined that the attacker had stolen customer information from its ahm and international student systems based on the evidence that was provided by the attacker.
Based on evidence provided by the accused attackers, the business claims in an addendum to its data breach notice dated October 25 that Medibank customer data was also stolen in the incident.
Attackers supplied the company files comprising Medibank customer data and records from ahm policies (including personal and health claims data).
It is too soon to assess the exact extent of the client data that has been stolen, the company claims, given the intricacy of what we have received.
The business claims to be informing affected consumers of the data leak even though it is still unsure of how many people are in total. Over 3.9 million people use the health insurer.
The Sydney Morning Herald reported last week that the suspected attackers had promised to compile a list of Medibank’s 1,000 most well-known clients, including celebrities, actors, campaigners, and those “with highly intriguing diagnoses,” and email that list to those people.
In reaction to the most recent development in the Medibank cyberattack, the Australian federal government activated the national coordination mechanism (NCM), the media source stated.