Medibank refuses to pay ransom for customer data

Following the cyberattack on the health insurer Medibank in October, the company’s chief executive stated that the company will not pay ransom to the hacker that stole customer data, as there is a limited chance the data will be returned or prevented from being published online. Banking details, driving licences, or health claims for extras services were not accessed, but the personal data of 9,7 million customers including their names, dates of birth, phone numbers, and email addresses were found to have been stolen. The Australian federal police are still investigating the attack, while the company stated that ‘there were no attempts to access the network since it shut out the attacker in early October’.