Although the legitimacy of the message could not be confirmed, the Sydney Morning Herald reported that hackers have threatened to sell 200 gigabytes of stolen data across Medibank’s 3.9 million customers.

The hackers wrote: “We offer to start negotiations in another case we will start realizing our ideas like 1. Selling your Database to third parties 2. But before this we will take 1k most media persons from your database (criteria is: most followers, politicians, actors, bloggers, LGBT activists, drug addictive people, etc) Also we’ve found people with very interesting diagnoses. And we’ll email them their information.”

In a statement released on Wednesday afternoon, Medibank confirmed it had been in touch with a group that “wishes to negotiate with the company regarding their alleged removal of customer data”.

It said the company was now “working urgently” to establish the validity and authenticity of the threat.

“Based on our ongoing forensic investigation, we are treating the matter seriously at this time,” the statement read.

Stream more tech news live & on demand with Flash. 25+ news channels in 1 place. New to Flash? Try 1 month free. Offer ends 31 October, 2022 >

‘Relentless cyber-attack:’ Minister’s brazen warning

In light of the escalated threats, Cyber Security Minister Clare O’Neil warned that rates of cyber attacks would likely only increase, and that more systems should be put in place to protect customers.

Appearing on ABC radio on Thursday morning, Ms O’Neil said cybercrime was now the “main crime concern internationally,” and flagged regulatory change.

“This is the new world that we live in. We are going to be under relentless cyber-attack, essentially from here on in,” she said.

“So I think combined with Optus, this is a huge wake-up call for the country. And certainly gives the government a really clear mandate to do some things that frankly, probably should have been done five years ago, but I think are still very crucially important.”

On Wednesday, Ms O’Neil also confirmed that she has been in contact with Medibank CEO David Koczkar.

“Significant support has been provided by the Australian Signals Directorate’s Australian Cyber Security Centre and the Department of Home Affairs,” she said.

“The incident is another reminder for Australian governments, businesses and citizens to be vigilant about their cyber safety.”

Mr Koczkar said Medibank will “prioritise responding to this matter as transparently as possible”.

In response to the attack, Medibank has also halted trading until further notice.

“Our team has been working around the clock since we first discovered the unusual activity on our systems, and we will not stop doing that now,” he said.

“We will continue to take decisive action to protect Medibank customers, our people and other stakeholders.”

Just last Wednesday, on October 12, the private health insurer said its services had been hit by a “cyber incident”. However at the time the company said there was no evidence customer data had been breached.

“At this stage there is no evidence that any sensitive data, including customer data, has been accessed,” Medibank said in a statement.

“As part of our response to this incident, Medibank will be isolating and removing access to some customer-facing systems to reduce the likelihood of damage to systems or data loss.”

It went on: “As a result our ahm and international student policy management systems have been taken offline. We expect these systems to be offline for most of the day.”

Medibank is the latest company to be hit with cyber attacks which have compromised the sensitive customer information. Other businesses and organisations which have recently been hit with data attacks include Optus, online wine merchants Vinomofo, Telstra, NAB and MyDeal.com.au, which is a subsidiary of the Woolworths Group.

Know more? Get in touch at jessica.wang@news.com.au

More Coverage

Fears for Aussie data after ransom demand

Eli Green

Medibank reveals ‘cyber incident’

Hamish Spence

Originally published as Medibank hackers issue ransom demands, threats to leak data after major cyber security attack