Australia’s largest health insurer, Medibank Private Ltd, said on Thursday that hackers had released more of its stolen medical records, as media reported that the full dataset on millions of customers was now public.
The latest release on the dark web follows incremental downloads, including records of customers’ mental health and alcohol use, which began after Medibank said on November 7 that it would not pay a ransom
“The raw data we have analyzed so far is incomplete and difficult to understand,” chief executive David Koczkar said. “Although the media reports this as a ‘case closed’ signal, our work is not done.”
On Thursday, media reported that a blog, believed by cyber experts to be used by hackers, posted a new message: “Happy cybersecurity day!!! Added case full. Case closed.” It also included a file containing several compressed files totalling over 5 gigabytes
In its latest update, Medibank said there were no signs that banking data had been stolen. It added that personal details accessed by hackers were not enough to enable financial fraud.
Six zipped files placed in a folder called “full” and containing raw data believed to have been stolen had been uploaded, Medibank said in a statement.
Australia has been grappling with a recent rise in cyber attacks. At least eight companies, including telecoms company Optus, owned by Singapore Telecommunications, have reported breaches since September.
Technology experts have said Australia had become a target for hackers just as a skills shortage leaves an understaffed, overworked cybersecurity workforce ill-equipped to stop attacks