Australia's Medibank hacked, declines to pay ransom

medibank declines to pay ransom

Australia's Medibank declines to pay the ransom demanded by the cyberattack, 9.7 million customers vulnerable.

The largest health insurer in Australia, Medibank Private Ltd (MPL.AX), warned of a A$25 million to A$35 million ($16 million to $22.3 million) impact to first-half earnings on Wednesday after admitting that all of its roughly 4 million clients' data had been exposed as a result of a cyberattack.

A day after warning that the number of clients affected might increase, it announced on Wednesday that all personal information and sizable volumes of health claims data of all its customers were compromised in the incident earlier this month. The company's shares dropped more than 14%, marking the worst one-day decline since its IPO in 2014.

One-sixth of Australians are covered by Medibank, which stated that the anticipated cost did not take further potential cleanup or regulatory costs into account.

According to Emily Ritchie, senior executive for external relations at Medibank, about 9.7 million current and former clients as well as some of their authorised agents' names, dates of birth, residences, phone numbers, and email addresses were allegedly obtained by cybercriminals.

The business reaffirmed that up to this point, no ransomware has locked its IT systems and that it would keep an eye out for any additional suspicious activities.

The chief executive, David Koczkar, won't specify how much is being demanded and claims that paying up would only encourage additional extortion attempts, warning that specific Medibank clients would be approached with such demands. "Paying would even encourage the criminal to directly extort our consumers, which would have the unintended consequence of endangering more people by making Australia a more attractive target, For these reasons, we have made the decision that we won't pay a ransom for this occurrence."

The business declared that it cannot "trust" thieves who are trying to hide the stolen data that was breached.