Some names, addresses, and phone numbers of current and former Medibank customers have been posted on the dark web. It comes after the private health insurer refused to pay a ransom to the criminal who stole data from Medibank’s systems last month.
The data was posted shortly after midnight – when the deadline for the ransom expired.
Here’s what you need to know.
Background
Last month, Medibank confirmed they’d been the subject of a cyberattack.
Medibank believes the information of 9.7 million customers and former customers have been compromised in the breach.
On Monday, Medibank said they wouldn’t pay any ransom to the criminal behind the cyberattack, saying there was only a “limited chance” that paying this would stop the data being published.
Medibank expects customer information will continue being released on the dark web.
The response
Medibank has said they will continue working “around the clock” to keep customers updated on what information has been stolen and posted online.
Earlier today, Cyber Security Minister Clare O’Neil called those responsible for the cyberattack “scumbags” and “disgraceful human beings”.