Its Over, page-15287

...Medibank hoping this problem would just go away.

Medibank hit with hacking class action amid threat to release data ‘in 24 hours’

ByColin Kruger

November 8, 2022 — 7.35am

Australia’s largest private health insurer Medibank Private faces its first class action over the hacking incident that exposed the personal information of 9.7 million current and former customers.

It comes as threats have emerged on the dark web to release the customer data.

Bannister Law Class Actions and Centennial Lawyers said they have joined forces to investigate the serious data breach of this group which comprises 5.1 million Medibank customers, around 2.8 million customers from the group’s budget ahm business, and around 1.8 million international customers.
“We believe the data breach is a betrayal of Medibank Private’s customers and a breach of the Privacy Act. Medibank has a duty to keep this kind of information confidential,” Bannister said in a statement on Tuesday morning.

“The two firms will be investigating Medibank breached their privacy policy and the terms of their contract of the medical insurance which they provided to their customers. The lawyers will also assess whether damages should be paid to Medibank customers as a result of their breaches.”

Other class actions are likely. Maurice Blackburn, which has already launched a class action-style claim against Optus for its recent data breach, has said previously that it is “monitoring” the situation.
While both hacks are similar in size, with just under 10 million Optus customers affected, the Medibank incident is far more serious as the private health data of hundreds of thousands of Medibank customers was stolen.

Threats to expose the Medibank data have already emerged with Nine News reporting that a post on a dark web forum has threatened to release the data.
The alleged hacker said: “Data will be publish in 24 hours. P.S I recommend to sell Medibank stocks.”

The site has been linked to REvil, a ransomware gang with strong Russian links. REvil provides a ransomware service to other criminals for a fee.

There is no evidence to suggest this is the actual hacker. Medibank has been approached for comment on whether the threat is credible.

The private health insurer said on Monday that it will not pay the ransom demanded by the hackers after receiving advice from cyber security experts.

“All the advice is that paying does not guarantee that the data will be returned. It dramatically increases the chance of people being exploited and more Australians being at risk,” Medibank chief executive David Koczkar, said.


Cybersecurity Minister Clare O’Neil welcomed the decision.

Koczkar said the group was unaware of any cases where the hack has been linked to cybercrime directed against customers, but it was bracing for the possibility that this exploitation might now start with its refusal to pay.

This could occur via the publishing of customer data online or an attempt to contact customers directly.

“I encourage any customer who actually has their data compromised – because we have no evidence of that data being released externally – then please get in touch with us. Or, with the government through Report Cyber,” he said.
Medibank has reiterated that no credit card details were stolen.

On Monday, Medibank also announced it would commission an external review with more details to be announced in the near future. It said details would be made public where appropriate.