Australia’s Medibank says hacker’s data dump could happen daily

SYDNEY  – More personal details of customers of Australia’s biggest health insurer Medibank Private Ltd, hit by a massive cyber attack, were released on Friday, with the company expecting this to happen daily after it declined to pay ransom to the hacker.

Health records related to mental health and alcohol use of hundreds of customers have been released in the dark web in the latest data dump after the attacker uploaded two data sets, local media reported.

“Unfortunately, we expect the criminal to continue to release stolen customer data each day,” Medibank Chief Executive David Koczkar said in the latest update about the breach.

Data from around 9.7 million current and former customers was compromised, Medibank has said, as Australia grapples with a recent rise in cyber attacks. At least eight companies, including Singapore Telecommunications-owned telecoms company Optus, have reported breaches since September.

Prime Minister Anthony Albanese said on Friday the government was taking all steps to limit the impact and has set up an integrated phone service for affected customers for seeking help from both the government and Medibank.

“We know it’s already incredibly distressing. The fact that information was published going to very personal health details of Australian citizens is disgusting, and something that is I think, just totally reprehensible,” Albanese told ABC Radio.

Medibank shares have plunged about 20% since the hack was revealed by the company on Oct. 13. Shares were up nearly 2% in late morning trade on Friday.