Tue. Dec 6th, 2022

Medibank customer details relating to mental health treatment claims are the latest to be released on the dark web by a Russian hacking group.

On Sunday night, the group posted a file on its dark blog called “psychoses,” containing hundreds of claims from policyholders that appeared to be related to mental health treatment.

The group said they “always keep our word” and added that they would not release the data if a ransom had been paid.

“We never lie [sic] – it makes no sense if we lie to someone – no one will treat us as a serious business party [sic].”

The daily collection of leaked user data may stop during the week, however, with the group saying it will not release another piece of data until Friday “in the hope that something significant has happened [sic] on Wednesday”.

Medibank is scheduled to hold its annual general meeting on Wednesday.

The federal government announced on Saturday the establishment of a 100-strong joint operation from the Australian Federal Police and the Australian Signals Authority to target hacker groups.

“They will turn up to work every day with the aim of taking down these gangs and thugs,” said Home Secretary Clare O’Neil.

“This is the formalization of a partnership, a permanent body within the Australian government, which will hunt down the scumbags who are responsible for these malicious crimes against innocent people day in and day out.”

Australian Federal Police Commissioner Reece Kershaw said on Friday the group was believed to be based in Russia and urged Russia to cooperate with law enforcement investigations.

The Russian embassy in Canberra said the statement was made before AFP contacted Russia.

“We encourage the AFP to contact the appropriate Russian law enforcement agencies in a timely manner,” the embassy said on Facebook.

“The fight against cybercrime that adversely affects people’s lives and harms businesses requires a cooperative, non-politicized and responsible approach by all members of the global community.”

On Sunday, O’Neil said the government would consider making ransom payments illegal as part of the government’s overall cyber strategy. She said Medibank made the right decision not to pay the ransom.

“I’ve never seen people with such a clear lack of moral code as the hackers posting information about Australians online,” she told the ABC’s Insiders program. “The idea that we’re going to trust these people to delete data that they’ve downloaded and maybe copied a million times is, frankly, stupid.”

The breach covers 9.7 million current and former customers, including 5.1 million Medibank customers, 2.8 million ahm customers and 1.8 million international customers.

The insurer says it has accessed health claims for around 160,000 Medibank clients, 300,000 ahm clients and 20,000 international clients. The information displayed includes provider names and codes associated with diagnoses and procedures.

There were also 5,200 patients of the Moj dom hospital whose personal and health data were accessed, and 2,900 close relatives of these patients who were accessed with some contact information.