Medibank Won’t Pay Ransom

The Australian health insurer Medibank says it will not pay a ransom to the hacker who stole massive amounts of customer data. In October Medibank said that a hacker had accessed around 4 million customers' personal information.

That's bad enough, but Medibank has now discovered the scale of the breach is much larger than earlier thought, with 9.7 million current and former customers having their names, dates of birth, phone numbers and email address accessed. That includes 5.1 million Medibank direct customers and 1.8 million international customers.

The company’s CEO David Koczkar declined to confirm speculation that the criminals had deliberately targeted the most sensitive health claims data and providers in the 480,000 claims Medibank found had been stolen. The claims  information exposed includes service provider name, and codes associated with diagnosis and procedures.

The company had said it had been in contact with the alleged attacker, and there had been speculation Medibank might pay a ransom to prevent the release of the data online.

In a statement to the Australian Stock Exchange, Koczkar said the advice received from professional security advisers and from the Australian government, was that no ransom should be paid. Koczkar saiad here is no way they can “trust criminals” not to further exploit people.

 Australion Financial Review:   News7:     ABC:      Guardian:       You Tube:    Market Watch:  

You Might Also Read: 

Attackers Demand $10m Ransom From French Hospital:
 

« Australia’s Government Hit By Another Cyber Attack
Ukraine Uses Artificial Intelligence To Speed Up Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

InformationWeek

InformationWeek

InformationWeek is the world's most trusted online community for business technology professionals like you.

Bricata

Bricata

Bricata offers industry-leading IPS solutions for enterprise-wide threat prevention and unparalleled situational awareness.

SERMA Safety & Security (S3)

SERMA Safety & Security (S3)

SERMA Safety & Security provides a comprehensive cybersecurity offering incorporating Expertise, Evaluation, Consultancy and Training, covering hardware, software and information systems.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

LuJam Cyber

LuJam Cyber

LuJam Cyber is a cybersecurity company that provides protection to SME Networks.

GoCyber

GoCyber

GoCyber is a new, highly innovative cyber security training app that uses action based learning to significantly improve the online behaviour of all employees in less than a month.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

Black Hills Information Security (BHIS)

Black Hills Information Security (BHIS)

Black Hills Information Security provide security testing and vulnerability assessment services.

Bigbee Technology

Bigbee Technology

Bigbee Technology are an IT solutions company based in Dar es Salaam founded by a group of professionals from around the globe.

Udacity

Udacity

Udacity's mission is to train the world’s workforce in the careers of the future. Our programs range from beginner to expert levels and deliver the hands-on skills for real-world expertise.

Defentry

Defentry

Defentry have created an Ecosystem that lets our users easily monitor, train and resolve their digital security issues.

Certihash

Certihash

Certihash have developed the world’s first blockchain empowered suite of information security tools based on the NIST cybersecurity framework.

AutoRABIT

AutoRABIT

AutoRABIT provides DevSecOps tools built specifically for Salesforce developers to increase release velocity, produce consistently high-quality code, and enhance data security.

Ampcus Cyber

Ampcus Cyber

Ampcus Cyber specialize in providing comprehensive security solutions and services that are tailored to safeguard our clients' networks, infrastructure, and valuable assets.

Port-IT

Port-IT

Port-IT is a leading partner in cybersecurity solutions tailored for the maritime industry.