The Medibank hackers claim they demanded a $US9.7 million ($15.09 million) ransom not to release stolen customer information, as the health insurer blasted their latest data dump as a "malicious" attack on vulnerable Australians.
In a chilling message posted on the dark web overnight, the hackers released sensitive details of customers' medical procedures and said it had demanded $US1 ($1.60) for each of Medibank's 9.7 million customers.
The ABC understands the latest illegal release of Medibank data includes data linking hundreds of customers to terminating pregnancies.
There are slightly more than 300 files in the latest release on the website that has been connected to a Russian-backed criminal entity.
Medibank is emphasising that people may have had terminations for a range of reasons, including ectopic pregnancy, miscarriages and complications.
The private health insurance provider is advising people not to seek out the data, and has described the ongoing release of information as "deplorable".
"Added one more file [name removed]," the post by the criminal group said.
"Society ask us about ransom, it's a 10 millions usd. We can make discount 9.7m 1$=1 customer."
The group began releasing Medibank data on the dark web in the early hours of Wednesday morning under files named "good-list" and "naughty-list".
Medibank has confirmed the details of almost 500,000 health claims have been stolen, along with personal information, after the unnamed group hacked into its system weeks ago.
In a statement on Thursday, David Koczkar, chief executive of the nation's largest health insurance provider, said the release of the information was "disgraceful".
"We take the responsibility to secure our customer data seriously and we again unreservedly apologise to our customers," he said.
"The weaponisation of people's private information in an effort to extort payment is malicious, and it is an attack on the most vulnerable members of our community.
"These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care."
Operation Guardian, which was set up to tackle the recent Optus hack, has now been expanded to investigate the Medibank data theft.
AFP Assistant Commissioner Cyber Command Justine Gough said Operation Guardian was working with state and territory police to identify members of the community at risk of identity fraud.
"If members of the community feel they are at imminent risk they should contact triple zero immediately," she said.
Cyber Security Minister Clare O'Neil told parliament on Wednesday the government had been preparing for the data to be published for a number of weeks.
"The actions of the national coordination mechanism to prepare for what is taking place are extensive," she said.
"It includes placing protective security around government data, state police working with affected individuals, the organisation of mental health support and counselling, and putting in place management plans around people who have some very specific vulnerabilities."
Ms O'Neil called on social media companies in particular to ensure their platforms aren't used to publish stolen information.
"If you do so [allow publishing of stolen data], you will be aiding and abetting the scumbags who were at the heart of these criminal acts, and I know you would not do that to your own country and its citizens," she said.
No credit card or banking details were accessed.
ABC/AAP
