MediBank

In October 2022 Australian health insurance giant Medibank suffered a massive ransomware attack attributed to the REvil group. The breach compromised the personal information of approximately 9.7 million current and former customers. Hackers gained access through stolen credentials of a staff member with high level system privileges. The stolen data included sensitive medical records related to procedures for mental health conditions, heart disease, and cancer. After Medibank refused to pay the ransom demand the threat actors began publishing the sensitive patient data on a darknet forum in several stages to maximize pressure and damage.