Medibank Won’t Pay Ransom

The Australian health insurer Medibank says it will not pay a ransom to the hacker who stole massive amounts of customer data. In October Medibank said that a hacker had accessed around 4 million customers' personal information.

That's bad enough, but Medibank has now discovered the scale of the breach is much larger than earlier thought, with 9.7 million current and former customers having their names, dates of birth, phone numbers and email address accessed. That includes 5.1 million Medibank direct customers and 1.8 million international customers.

The company’s CEO David Koczkar declined to confirm speculation that the criminals had deliberately targeted the most sensitive health claims data and providers in the 480,000 claims Medibank found had been stolen. The claims  information exposed includes service provider name, and codes associated with diagnosis and procedures.

The company had said it had been in contact with the alleged attacker, and there had been speculation Medibank might pay a ransom to prevent the release of the data online.

In a statement to the Australian Stock Exchange, Koczkar said the advice received from professional security advisers and from the Australian government, was that no ransom should be paid. Koczkar saiad here is no way they can “trust criminals” not to further exploit people.

 Australion Financial Review:   News7:     ABC:      Guardian:       You Tube:    Market Watch:  

You Might Also Read: 

Attackers Demand $10m Ransom From French Hospital:
 

« Australia’s Government Hit By Another Cyber Attack
Ukraine Uses Artificial Intelligence To Speed Up Attacks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

ACIS Professional Center

ACIS Professional Center

ACIS provides training and consulting services in the area of information technology, cybersecurity, IT Governance, IT Service management, information security and business continuity management.

Trend Micro

Trend Micro

Trend Micro is a leader in hybrid cloud, endpoint, and network security solutions.

SecureNow Insurance Broker

SecureNow Insurance Broker

SecureNow is a commercial insurance broker based in India. Services offered include Cyber Risk insurance.

Insta Secrays

Insta Secrays

Secrays is a consulting firm providing information security, privacy and compliance services.

CyberOwl

CyberOwl

CyberOwl's early warning system uses a probabilistic framework to systematically aggregate uncertain and disparate security events to provide real-time visibility of threats to every asset.

Unbound Security

Unbound Security

Unbound pioneers breakthrough technology to safeguard cryptographic keys, by ensuring keys are never exposed throughout their lifecycle, in any environment.

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

SCADAfence

SCADAfence

SCADAfence offers cutting edge cybersecurity solutions designed to ensure the operational continuity of industrial (ICS/SCADA) networks.

HudsonCyber

HudsonCyber

HudsonCyber, part of HudsonAnalytix, provides leading cyber risk management services for the global maritime transportation industry.

Platin Bilişim

Platin Bilişim

Platin Bilisim is an IT Security company providing consultancy, solutions and operational support services.

CloudKnox Security

CloudKnox Security

CloudKnox Security is the only Cloud Security Platform built from the ground up for Identity Authorization Administration across hybrid cloud environments.

Center for Applied Cybersecurity Research (CACR) - University of Indiana

Center for Applied Cybersecurity Research (CACR) - University of Indiana

CACR serves Indiana and the nation by tackling cyber risk in research and other unusual environments through agile, holistic, principle-based cybersecurity.

Securolytics

Securolytics

Securolytics offers the simplest, most complete and affordable IoT security for all organizations. Securolytics quickly identifies unmanaged devices to reduce security and compliance risks.

Buchanan & Edwards

Buchanan & Edwards

Buchanan & Edwards delivers forward-focused technology solutions that help our clients transform the way they perform their missions.

Pionen

Pionen

Pionen are a specialist information security consultancy with excellent people and proven security delivery methodologies at its core.

Involta

Involta

Involta orchestrates IT transformation journeys using well-defined and rigorous processes to deliver hybrid cloud solutions, consulting and data center services tailored to our clients’ needs.