Medibank, the largest health insurer in Australia, had data stolen from 9.7 million of its current and former clients exposed on the dark web following its refusal to pay the demanded ransom, The Associated Press reports.
Data leaked by the threat actor dubbed "Extortion Gang" was found to be a sample of the personal details exfiltrated in last month's ransomware attack, according to Medibank, which noted that further leaks of stolen data are expected.
"This is a criminal act designed to harm our customers and cause distress. We take seriously our responsibility to safeguard our customers and we stand ready to support them," said Medibank CEO David Koczkar.
Despite being personally affected by the breach, Australian Prime Minister Anthony Albanese praised Medibank's refusal to provide the ransom payment.
"The company has followed the guidelines effectively, the advice, which is to not engage in a ransom payment. If you go down this road, then you end up with more difficulties potentially across a wider range," added Albanese.
English and Russian-speaking Windows users are being targeted by the novel Mimic ransomware, which has been leveraging the APIs of the Everything file search tool to identify to-be encrypted files, reports BleepingComputer.
North Korean state-sponsored advanced persistent threat group TA444 has engaged in a credential harvesting campaign targeting the U.S. and Canada with OneDrive phishing emails beginning last month, according to SecurityWeek.