According to message , which Medibank published on December 1, the hackers published in Darkweb is another dump of stolen data due to the fact that the company refused to pay a ransom. Medical inspection says that the company’s IT specialists continue to actively analyze the merged data.
According to Medibank, there are no signs that financial or banking data of customers fell into the hands of hackers. As the primary investigation has shown, all six ZIP archives with merged data contain incomplete and poorly structured information about the company’s clients that is difficult to use for various kinds of criminal fraud.
Recall, now in the hands of the attackers are:
All personal data of AHM customers and a large set of applications with complaints about health;
Personal data of all foreign students, as well as their statements;
All personal data of Medibank customers and information about their state of health.
The whole story with Medibank began on October 12, when the IT team of Medibank recorded suspicious activity in its network. Then the company said that during the incident the system was not affected by extortion software, and all user data are intact and safety.