Hackers Threaten to Release Medical Info of Australian Actors, Politicians, Activists, and More

Hackers say they’ve obtained data from an Australian health insurance company and have threatened to release the private medical information of high-profile Australians if a ransom isn’t paid, according to a new report from the Sydney Morning Herald.

The unknown hackers claim to have 200 gigabytes of data from Medibank, a private health insurer in Australia that has roughly 3.9 million customers in a country of just 25 million people. The hackers may also have access to customer credit card numbers, according to the Herald.

And while the threatening message sent to Medibank is in broken English, it’s clear the hackers believe threats about Australians in the public eye are the best way to ensure a ransom is paid. The message to Medibank, which also owns the health insurance brand AHM, specifically includes threats to release private medial information about politicians, actors, bloggers, and LGBT activists:

We offer to start negotiations in another case we will start realizing our ideas like 1. Selling your Database to third parties 2. But before this we will take 1k most media persons from yourdatabase (criteria is: most followers, politicians, actors, bloggers, LGBT activists, drug addictive people, etc) Also we’ve found people with very interesting diagnoses. And we’ll email them their information.

While the term “most followers” could have a few different meanings, it likely relates to the number of people who follow high-profile Australians on social media platforms like Twitter, Instagram, and Facebook. Medibank has not made public how much money the hackers have asked for.

Curiously, Medibank reported a “cyber incident” on October 13, but said at the time there was no evidence that any sensitive customer data had been compromised. One Twitter user noted at the time that AHM was using Adobe Experience Manager, speculating that it could’ve been a way for hackers to get sensitive data, though that hasn’t been reported in Australia, let alone confirmed.

Medibank did not respond to a request for comment early Wednesday ET but posted a message to shareholders explaining that the hackers had made contact and the company had notified the Australian Cyber Security Center.

“I apologize and understand this latest distressing update will concern our customers. We have always said that we will prioritize responding to this matter as transparently as possible,” Medibank CEO David Koczka said in the statement.

“Our team has been working around the clock since we first discovered the unusual activity on our systems, and we will not stop doing that now. We will continue to take decisive action to protect Medibank customers, our people and other stakeholders,” Koczka continued.

Australia has a hybrid health care system where every resident is covered by Medicare, but people can still buy private health insurance for access to things like private hospitals, vision, and dental coverage.

Australia, despite being a wealthy country, has one of the worst track records for breaches of private data online in recent years. Just last month, Optus, the country’s second largest telecom, suffered a breach when it was found to be storing sensitive customer information like driver’s licenses on a publicly visible API.

Medibank will be far from the last cyber breach you read about from down under in the coming years as Australia tries to play catch up with the rest of the world on cybersecurity.