Medibank hackers release 1,500 more patient records on dark web, including mental health data

<span>Photograph: Morgan Hancock/AAP</span>
Photograph: Morgan Hancock/AAP

Russian cybercriminals have released a fifth tranche of stolen data from the private health insurer Medibank, including the details of treatment for mental health.

The company’s chief executive, David Koczkar, on Sunday confirmed the hackers, who obtained the records of millions of current and former customers in a ransomware attack last month, had released the details on the dark web.

It comes after the company refused to pay a US$10m ransom to the hackers, who the Australian federal police have said are likely Russian cybercriminals.

The data was released in four folders containing about 1,500 patient records.

Related: How to deal with the trauma of the Medibank cyber breach | Andrea Szasz

In a statement, Medibank confirmed the data included details on chronic conditions such as heart disease, as well as the patient details of people with cancer, dementia, mental health conditions and infections.

“Some of the people on the list have had diagnoses that include mental illnesses, or delirium, which is an acute change in mental status that can be triggered by illness, injury, surgery, or medications,” the company said in a statement.

“Delirium is a temporary condition that’s not uncommon in hospital, particularly for elderly people, as they become disoriented to their surroundings.”

In a statement, Koczkar said the company was still determining the accuracy of the latest data leak, which contained about 1,500 patient files. Of those, the company said 123 records had been released in previous tranches of data.

But some previously released data had not matched the company’s records, he said, and the company’s analysis of the latest patient records showed many did not match the descriptions posted by the hackers.

“We will continue to support all people who have been impacted by this crime through our Cyber Response Support Program. This includes mental health and wellbeing support, identity protection and financial hardship measures,” Koczkar said.

“The Australian Federal Police have said law enforcement will take swift action against anyone attempting to benefit, exploit or commit criminal offenses using stolen Medibank customer data. We continue to work closely with the Australian Federal Police who are focused, as part of Operation Guardian, on preventing the criminal misuse of this data.

“Again, I unreservedly apologise to our customers. We remain committed to fully and transparently communicating with customers and we will continue to contact customers whose data has been released on the dark web.”