CANBERRA, Australia (AP) — Cybercriminals dumped personal medical records on the dark web for a third day on Friday, this time focusing on alcohol-related illnesses, as they pressure Australia’s largest health insurer to pay a ransom for the stolen customer data of almost 10 million people.
The criminals began dumping hundreds of customer records on Wednesday including those involving treatments for HIV and drug addiction, which they described as a “naughty” list, after Medibank ruled out paying a ransom for the return of the hacked data.
The focus shifted to terminated pregnancies in Thursday’s dump and on Friday to conditions related to harmful levels of alcohol consumption, officials said. Medical treatment records of more than 700 customers had been published by Friday in what has been described as Australia's most invasive cybercrime.
Other personal details of many more customers have also been made public that could leave them vulnerable to identity theft or fraud, including phone numbers and email addresses.
Confirming the third dump, Medibank CEO David Koczkar said his company was contacting exposed customers and offering support. He expected the daily dumps would continue.
“The relentless nature of this tactic being used by the criminal is designed to cause distress and harm,” Koczkar said in a statement.
“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care,” he added.
Australian authorities are hoping the data remains confined to the dark web and is not spread to a wider audience by social media or reported in detail by the news media.
Prime Minister Anthony Albanese, who is among the 9.7 million current and former Medibank customers who have had personal records stolen, urged against anyone accessing the data.
“We need to provide a disincentive for this sort of criminal, disgusting behavior that is reprehensible,” Albanese told Australian Broadcasting Corp.
“It’s causing a great deal of distress in the community. The government acknowledges this and we’re doing all we can to limit the impact of this and to provide that support to people who are going through this distressing time,” Albanese added.
Albanese said Australian Federal Police will reveal later Friday who is responsible for the theft.
“We know where they're coming from, we know who is responsible and we say that they should be held to account,” Albanese told reporters.