Hackers in Australia began leaking sensitive health insurance customer data on Wednesday.
As the insurance company Medibank announced, the hackers put “samples” of data from around 9.7 million insured persons on the dark web.
Previously, they had tried to blackmail the company with the stolen data, but Medibank refused to pay any money.
Affected are information on names, dates of birth, addresses, passport numbers and medical findings of the customers.
Medibank expected more data to be released soon.
The company justified its refusal to pay the blackmailers money by pointing out that this could encourage further criminals and, moreover, that there was no guarantee that the data would then be safe.
Medibank boss David Koczkar referred to the assessment of cybercrime experts, according to which even if the blackmailers' money demands are met, there is little chance of getting the stolen data back and guaranteeing that it will not be published.
The investigators did not rule out that the hackers are outside of Australia.
Since the vulnerability became known, Medibank's market value has lost several hundred million dollars.