Medibank Won’t Pay Ransom
The Australian health insurer Medibank says it will not pay a ransom to the hacker who stole massive amounts of customer data. In October Medibank said that a hacker had accessed around 4 million customers' personal information.
That's bad enough, but Medibank has now discovered the scale of the breach is much larger than earlier thought, with 9.7 million current and former customers having their names, dates of birth, phone numbers and email address accessed. That includes 5.1 million Medibank direct customers and 1.8 million international customers.
The company’s CEO David Koczkar declined to confirm speculation that the criminals had deliberately targeted the most sensitive health claims data and providers in the 480,000 claims Medibank found had been stolen. The claims information exposed includes service provider name, and codes associated with diagnosis and procedures.
The company had said it had been in contact with the alleged attacker, and there had been speculation Medibank might pay a ransom to prevent the release of the data online.
In a statement to the Australian Stock Exchange, Koczkar said the advice received from professional security advisers and from the Australian government, was that no ransom should be paid. Koczkar saiad here is no way they can “trust criminals” not to further exploit people.
Australion Financial Review: News7: ABC: Guardian: You Tube: Market Watch:
You Might Also Read:
Attackers Demand $10m Ransom From French Hospital: