
‘Scumbags’: Medibank hackers’ chilling low

Hackers who stole sensitive data from Medibank have started publishing what they claim to be very private information about Australian women.


“Scumbag” hackers who stole sensitive data from Medibank have started publishing what they claim to be information about Australian women who had to terminate non-viable pregnancies or had abortions.

The new information posted includes a spreadsheet with the names and personal details of 303 patients and policyholders along with the billing codes relating to terminations.

In a file on the dark web forum called ‘abortion’, the hackers have included information about women who had procedures.

They relate to termination of pregnancy but may include women who had a non-viable pregnancy, such as foetal anomaly, ectopic pregnancy, molar pregnancy, miscarriages and readmission for complications such as infection.

In a new post from a Russian ransomware group that is claiming responsibility for the data breach, the hackers have also offered to slash the cash payment they require to stop drip-feeding patients’ private medical records.

“We can make discount 9.7m 1$=1 customer,” the post states.


A general view of the Medibank store in Sydney. Picture: NCA Newswire / Gaye Gerard

“Medibanks [sic] CEO stated, that ransom amount is ‘irrelevant’. We want to inform the customers, that he refuses to pay for yours [sic] data more, like 1 USD per person. So, probably customers data and extra efforts don’t cost that.”

In response, Medibank has confirmed today it is aware that the criminal has released an additional file on a dark web forum containing customer data that is believed to have been stolen from Medibank’s systems.

“The release of this stolen data on the dark web is disgraceful,” Medibank CEO David Koczkar said.

“We take the responsibility to secure our customer data seriously and we again unreservedly apologise to our customers.

“We remain committed to fully and transparently communicating with customers and we will be contacting customers whose data has been released on the dark web.

“The weaponisation of people’s private information in an effort to extort payment is malicious, and it is an attack on the most vulnerable members of our community.

“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care,” he said.

Given the sensitive nature of the stolen customer data, Medibank again asked the media and others not to unnecessarily download sensitive personal data from the dark web and to refrain from contacting customers directly.

The Medibank hack began with the theft of the credentials of someone who had high-level access within the organisation.

The log-on credentials appear to have been sold to a Russian-language cybercrime forum.

The most detailed explanation was provided by Medibank on an investor call on October 17 – it refers to the stolen user credentials.

It revealed that it was Medibank itself that detected unusual activity in its cyber security systems.

This led to the cyber security team starting their incident response, supported by its cyber security partners.

An email sent to Medibank customers after having their data hacked. Picture: NCA NewsWire / David Geraghty

Later that evening, Medibank identified the unusual activity was focused on the IT infrastructure.

It took the precautionary step to take the systems offline to protect the data of customers. The investigation, which is ongoing, indicated that cyber security systems had detected activity consistent with the precursor to a ransomware event.

This initial finding was shared with the Australian Cyber Security Centre, who provided Medibank with additional guidance in support of this conclusion.

“We believe compromised credentials were used to access our systems,” Medibank told investors.

“I can confirm that our investigation shows that systems were not encrypted by ransomware during this incident and there is also no indication that the incident was caused by a state-based threat actor.”

Home Affairs minister on abortion leak

In Parliament, Home Affairs Minister Clare O’Neil delivered an emotional speech to the women impacted by the data leak, slamming the hackers as “scumbags”.

“As a parliament and as a government, we stand with you,” she said.

“You are entitled to keep your health information private and what has occurred here is morally reprehensible and it is criminal.

“As well as the focus on enforcement and prevention of harm, much of the work of the national coordination mechanism over recent weeks has been stepping out how the situation may unfold and for different communities of victims.

“I spoke with the Medibank CEO today twice with Minister Shorten and Minister Butler and I’ve made it abundantly clear of the expectations of the Australian community.”

But it was a question from former Home Affairs Minister Karen Andrews over “any specific actions taken as opposed to just expressing sympathy” that angered her successor.

“It is so regrettable that at a moment like this, the Opposition wants to politicise the pain and suffering of Australians,” she said.

“I am genuinely shocked. And I just cannot believe that people who are suffering, who have had personal information about them revealed, that you are trying to politicise this.

“This problem did not begin on the 22 May (the day after the election), and I would say to those opposite, I have said repeatedly that we are about five years behind where we need to be on cyber security.”

What Medibank is offering customers

A cybercrime health & wellbeing line (1800 644 325) – counsellors that have experience supporting vulnerable people (such as those at risk of domestic violence) and have been trained to support victims of crime and issues related to sensitive health information

Mental health outreach service – proactive support service for customers identified as being vulnerable, or through referral from our contact centre team

Better Minds App – new tailored preventive health advice and resources specific to cybercrime and its impact on mental health and wellbeing, including tools for managing anxiety and fear, with additional phone based psychological support available

Personal duress alarms – for customers particularly vulnerable and/or with safety risks

Hardship support for customers who are in a uniquely vulnerable position as a result of this crime which can be accessed via our contact centre team (13 23 31 for Medibank and international customers, 13 42 46 for ahm customers and 1800 081 245 for My Home Hospital patients)

Specialist identity protection advice and resources through IDCARE’s purpose-built Medibank page

Free identity monitoring services for customers whose identity has been compromised as a result of this crime

Reimbursement of ID replacement fees for customers who need to replace any identity documents that have been compromised as a result of this crime

Specialised teams to help our customers who receive scam communications or threats

Original URL: https://www.news.com.au/technology/online/hacking/scumbags-medibank-hackers-chilling-low/news-story/a58ebb25f39fc54432637a4ac4b91184