Russian hackers behind the egregious Medibank cyber attack have been labelled “complete grubs” after a “despicable” escalation of the data hack saw four new troves of data released online.
Four files containing 1496 records were released on the dark web on Sunday, a spokeswoman from Medibank confirmed, with 123 of those records from previous files released.
The four files were labelled “STD”, “HIV”, “psycho” and “viral hep”, but the folders do not necessarily contain material linked to sexual or mental health treatment and nor is there even a health insurance treatment code for sexually transmitted diseases.
Instead, the folder labelled STD contains information about patients who have been diagnosed with anaemia.
The lists contained in the data includes people with chronic conditions such as heart disease, diabetes and asthma and people with cancer and mental health conditions, among others.
Treasurer Jim Chalmers lashed out at the criminal group on Sunday, and said stronger buffers needed to be in place to stop further breaches.
“These people are complete grubs – pure and simple,” he said. “It is despicable that people are prepared to release the sorts of information that we’ve seen released in recent days.
“It is well beyond the pale to see this kind of private, sensitive information released into the public domain.”
A Medibank spokeswoman said analysis was underway to determine the accuracy of the data released on the dark web, with previous files not matching existing records.
“Our analysis has shown 375 of the 1,496 records do not match against that policy for that procedure,” she said.
The data dump comes just a week after the hackers demanded a $15.6m ransom for the return of millions of customers’ personal information.
The health insurer has said it will not pay the sum.
The Medibank spokeswoman clarified the people named in the data may not necessarily be the person who received the treatment and may instead be the policyholder.
“The person the person who received the treatment could be their partner on the policy or a dependent – and the policyholder may not be aware that their partner or dependent received treatment,” the spokeswoman said.
Medibank CEO David Koczkar said anyone downloading the data was “committing a crime”, reiterating the company was doing everything it could to support customers.
“We will continue to support all people who have been impacted by this crime through our Cyber Response Support Program,” Mr Koczkar said.
“ This includes mental health and wellbeing support, identity protection and financial hardship measures.
“If customers are concerned, they should reach out for support from our cybercrime hotline, our mental health support line, Beyond Blue, Lifeline or their GP.”
The treasurer said on Sunday Australia’s cyber defences were being urgently bolstered after “a period of neglect”, and said the government was working with the private sector as well to help toughen up security.
“We need to rebuild our buffers against these kinds of grubby acts, these kinds of despicable acts,” he said.
“The Government is prepared to do its bit. I’m confident the private sector is prepared to do its bit as well. We’ve all got an interest in stamping out this despicable, despicable, grubby act of the kind that we’ve seen overnight.”
Australian Federal Police (AFP) Commissioner Reece Kershaw last week said authorities had identified Russian cyber criminals as the “likely” culprits behind the breach.
The AFP and foreign signals intelligence agency are working together to apprehend the hackers.