Ransomware Group REvil Diklam Uploads Medibank Customer Data

JAKARTA - Australia-based health insurance company, Medibank, has again received a violent attack. Customer data is published online!

The publication of the data was carried out by REvil, the group behind the attack on Medibank some time ago, and is now posting an update on its official blog again.

Happy Cyber Security Day!!! Add a full folder. The case is closed," wrote REvil.

However, since the upload was published, the blog is no longer available, so it cannot be confirmed the authenticity of the file posted by the REvil ransomware group.

Medibank said the folder hosted six raw data files,zip to the archive. There is a total of 6GB of data already posted, making it the only largest Medibank leak so far.

Even so, Medibank stated that no financial data was stolen by REvil, "While our investigation continues, there are currently no signs that financial or banking data has been taken," Medibank said in a statement.

"And the stolen personal data, by itself, is not enough to allow identity and financial fraud. The raw data we have analyzed so far is incomplete and difficult to understand," he added.

It is known that Medibank was the victim of a ransomware attack in late October 2022, at the hands of REvil, who is also suspected of having ties to the Russian government.

After the investigation, information on 9.7 million customers was taken from the company's endpoint, as well as data on health claims related to the other half million, as quoted by TechRadar, Saturday, December 3.

Medibank CEO David Koczkar, then clarified through LinkedIn what types of data were taken, "Criminals do not access credit and banking card details or health claim data for additional services," said Koczkar.

REvil said they got the names of customers, date of birth, passport number, information about medical claims and sensitive files related to abortion and alcohol-related diseases. The group also demanded a total ransom of 9.7 million US dollars equivalent to Rp149 billion, where one dollar for each customer.