Medical data has long been among the most coveted information for cybercrime. A cybercriminal group has stolen data belonging to 10 million Australian customers of the country’s largest health insurer, Medibank, for which they are asking for a ransom of 10 million dollars.
According to various Anglo-Saxon media, criminals have already leaked some user data on the Dark Web to do business with them. According to ‘The Washington Post’, the information they are sharing allows to identify patients with mental health problemsalcoholism and addictions as well as women who have undergone an abortion.
Among the stolen data, in addition to referring to the health of patients, are names, addresses, dates of birth, telephone numbers and email addresses, according to the insurer.
Consulted by ABC, Josep Albors, head of research at the cybersecurity company ESET, points out that the way cybercriminals operate by sharing patient data on the Dark Web it’s nothing weird: “We have seen cases in which criminals contacted patients one by one, threatening to make their data public. This can cause the same clients to put pressure on Medibank to jump through hoops and pay the ransom.”
Likewise, the expert points out that criminals they could try to extort the customers elsewhere of the insurer to get them to pay small ransoms in exchange for not revealing their private information.
Russian origin
According to the Australian Police, the cybercriminal group behind the theft and marketing would be of Russian origin. “They are probably responsible for significant past infractions in countries around the world,” Reece Kershaw, commissioner of the Federal Police of the oceanic country, said at a press conference this Friday.
According to Australian media, the cybercriminal group behind the theft could be related to REvil, one of the most active cybercriminal organizations in recent years and which has traditionally been linked to Russia.
Medibank suffered the ‘hacking’ that has left the data of its clients in the air last October. Despite the demands of criminals, has refused to pay the requested ransom in exchange for not disclosing them. “Weaponizing people’s private information with the intent to extort money is petty and an attack on the most vulnerable members of our community,” said David Koczkar, CEO of the insurer.