NewsBite

Hacker releases Medibank records on treatment for alcohol abuse

Hackers have released records of customers treated for alcohol abuse, as Medibank warns the fallout is not over yet.

Medibank has warned customers the fallout from the cyber assault is not yet over. Picture: NCA NewsWire / David Geraghty.

Russian hackers have escalated their attack on Medibank, releasing the health records of customers who have undergone treatment for alcohol abuse.

And chief executive David Koczkar has warned customers to prepare for the release of more of their sensitive data in coming days as the hackers step up their “relentless” pursuit of Medibank.

About 240 customers have been exposed during the latest release of data onto the dark web, aimed at inflicting maximum harm on Australia’s biggest health insurer after it refused to pay a $15m ransom.

It is the third mass release of data since Mr Koczkar declared the company would not cave in to the demands of the cyber criminals, who breached the insurer’s customer database after they bought a high-level Medibank login from an online Russian criminal forum.

Other data released includes records of customers who have received treatment for drug dependence and terminations for unviable pregnancies.

“You telling that is disgusting (woof-woof), that we published some data. But we warned you, we always keep our word, if we wouldn’t receive a ransom - we should post this data, because nobody will believe us in the future,” the purported hacker wrote in a post on Friday.

“Same about our words, regarding we wouldn’t post any data in the future, if we receive a ransom payments. We never lies - it doesn’t make any sense, if we lie to somebody - nobody will treat u as a serious business side.

“Imagine what scam wave would your customers get after that, how many would you invest to cover damages.”

Mr Koczkar branded the latest data release as “disgraceful” and warned customers the fallout of the cyber assault on Medibank was not yet over.

“I unreservedly apologise to our customers,” he said.

“Unfortunately, we expect the criminal to continue to release stolen customer data each day. The relentless nature of this tactic being used by the criminal is designed to cause distress and harm.”

Mr Koczkar also said the release of customers’ sensitive health data on the dark web could dissuade people from seeking medical treatment.

“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care.

“It’s obvious the criminal is enjoying the notoriety. Our single focus is the health and wellbeing and care of our customers.

“We remain committed to fully and transparently communicating with customers and we will be contacting customers whose data has been released on the dark web.”

Medibank has urged the media and others not to download the data the criminals have posted on the dark web or to contact customers.

“We will continue to support all people who have been impacted by this crime through our Cyber Response Support Program. This includes mental health and wellbeing support, identity protection and financial hardship measures,” Mr Koczkar said.

“If customers are concerned, they should reach out for support from our cybercrime hotline, our mental health support line, Beyond Blue, Lifeline or their GP.”

Medibank admitted on October 19 that hackers had stolen the information of 9.7 million customers and wished to negotiate a ransom. The Australian reported on Wednesday that the company had entered into lengthy discussions with the hackers, known as REvil, but later abandoned them.

One of the purported hackers – named for a villain from the Saw film franchise – in a message overnight said the group had asked for a $US10m ransom ($15.6m).

The Australian Federal Police is also broadening its investigation into an earlier data breach affecting Optus customers to include the Medibank incident.

The AFP said in a statement it was “aware that distressing and very personal information has been released on the dark web” and had immediately taken measures, including “covert techniques”, to identify further criminal activity.

“This is not just an attack on an Australian business. Law enforcement agencies across the globe know this is a crime type that is borderless and requires evidence and capabilities to be shared,” AFP assistant commissioner Justine Gough told reporters.

“Blackmail is an offence and those who misuse stolen personal information for financial gain face a penalty of up to 10 years’ imprisonment.”

Originally published as Hacker releases Medibank records on treatment for alcohol abuse


Original URL: https://www.heraldsun.com.au/business/hacker-releases-medibank-records-on-treatment-for-alcohol-abuse/news-story/fd7ba3344dfdbbb02ef82fbd6a0760ef