The release of the records is aimed at causing maximum harm after Medibank chief executive David Koczkar and chairman Mike Wilkins said the company would not pay the hackers’ $15m ransom demand.

While the names of the folders are targeted at causing mass anxiety among customers, Medibank said there were no health insurance treatment codes for sexually transmitted diseases and asked media to refrain from using the hackers’ description of the data.

The four folders, published on the dark web on Sunday, contain about 1500 customer records. Medibank has analysed the data and found that it did not include any customers with an STD diagnosis.

“Previous files released have not matched our records,” Mr Koczkar said.

“We encourage all Australians to seek medical care for any physical or mental health conditions that impact them, free from any shame or stigma.

“We will continue to support all people who have been impacted by this crime through our Cyber Response Support Program. This includes mental health and wellbeing support, identity protection and financial hardship measures.”

The hackers released the latest folders without providing any further comment. Instead they published a link to a YouTube video from Russian nationalist Simeon Boikov, who lives in Sydney. Mr Boikov vocally supports Russia’s invasion of Ukraine and in September addressed an anti-vax rally in Sydney, just a day after he was released from jail for breaching court orders over publicly naming an alleged paedophile.

The video shows an interview with a purported Medibank customer, accusing the health insurer of “putting profits over people” by deciding not to pay a ransom.

The release of the data comes after Mr Wilkins told shareholders at Medibank’s annual meeting in Melbourne last week that executives would keep their bonuses – which total more than $7.5m – following the attack, which is one of Australia’s biggest cyber heists, exposing the data of almost 10 million customers, including that of Anthony Albanese.

Mr Wilkins said the board would not consider adjusting remuneration until next year after it completes an external review of the attack. Despite the criticism, shareholders overwhelmingly supported Medibank’s remuneration report and Mr Koczkar’s performance rights, voting 94 and 97.8 per cent in favour respectively.

On Sunday, Mr Koczkar warned anyone who attempts to download the stolen data is committing a crime, with the Australian Federal Police investigating the attack.

“We continue to work closely with the Australian Federal Police who are focused, as part of Operation Guardian, on preventing the criminal misuse of this data,” he said.

“These are real people behind this data and the misuse of their data may discourage them from seeking medical care.”

Almost $2bn has been wiped off Medibank’s market value since it disclosed the attack last month. After the hackers failed to gain a ransom payment from Medibank – which they said equated to $1 per customer – they have released customer health records, including treatment for drug and alcohol abuse, various mental health conditions and abortions.

Melbourne headquartered law firm Maurice Blackburn is investigating a legal claim to determine whether customers are entitled to compensation.

Mr Wilkins defended Medibank’s decision not paying a ransom – a position that the federal government supports. Australian companies could be banned from making ransom payments to cyber criminals under reforms being considered by the Albanese government.

Home Affairs Minister Clare O’Neil flagged the potential law change last week after she accused Vladimir Putin of harbouring cyber criminals. The AFP said the Medibank hack came from Russian syndicates with a history of conducting “significant breaches in countries around the world”.

“Based on extensive advice from cybercrime experts, we formed the viewed that there was limited chance paying a ransom would ensure the return of our customers data and prevent it from being published,” Mr Wilkins said.

“In fact, the advice we have had is that to pay a ransom could have had the opposite effect and encourage the criminal to directly extort our customers and put more people in harm‘s way by making Australia a bigger target.

“It‘s for these reasons that we could not pay. This decision is consistent with the position of the Australian government in addition to our on going investigations and engagement with the federal police and the Australian Cybersecurity Centre.”

Mr Wilkins did not comment on how the Russian hackers obtained a high-level Medibank login to access its customer database, citing the AFP investigation.

He defended the login procedures at Medibank, where many employees work remotely and access the company’s systems from home and locations other than the group’s offices.

“We think our access processes have been quite robust in terms of that. Certainly, we’ve had multi-factor authentication as a standard across our systems for some time.

“I can attest to that given that I’d forgotten my password once, it needed to go through quite a rigmarole to be able to get back into the system, including two-factor authentication. So we think that our staff still need to go through those protocols to be able to access our systems.”

Medibank has urged customers exposed in the latest breach to contact Medibank’s cybercrime hotline or mental health support line, Beyond Blue, Lifeline or their GP.

More Coverage

Data will be published in 24 hours: hackers’ new threat

David Swan

Hacker wanted $15m ransom from Medibank

David Swan

Originally published as Hackers step up Medibank assault, claiming to release HIV data