The hackers who leaked medical records stolen from a major Australian healthcare provider demanded $10 million to stop the leaks or roughly $1 for each of their potential victims.
This week, Medibank confirmed that hackers had gained access to the personal information of 9.7 million current and former clients, including Prime Minister Anthony Albanese.
A small sample of the records posted by the hackers on Wednesday morning included a "naughty list" of names that appeared to have received treatment for drug addiction, alcoholism, and HIV.
Medibank confirmed on Thursday that an "additional file" containing customer information was uploaded to a "dark web" forum overnight.
The hackers detailed their ransom demand in the same forum.
Anonymous hackers posted on a forum, "Society asks us about ransom, it's 10 million dollars"
We can offer discounts... $1 = 1 customer.
Medibank has refused to pay the hackers multiple times.
"Scummy criminals"
Chief executive David Koczkar stated on Thursday that it is disgraceful that the stolen data has been published on the dark web.
The use of private information as a weapon in an attempt to extort money is malicious and an attack on the most vulnerable members of our community.
Minister of the Interior Clare O'Neil referred to the hackers as "scumbag criminals."
"I cannot express my disgust for the scumbags at the center of this criminal act," she told the legislature on Wednesday.
Medibank is the largest private health insurer in Australia, and the breach is likely to involve some of the nation's most influential and wealthy individuals.
Previously, the hackers had threatened to sell the personal information of 1,000 prominent Australians if the company did not pay an undisclosed ransom.
The "sample" selection of customer data posted to the dark web on Wednesday included hundreds of customers' names, birth dates, passport numbers, and medical claims information.