SYDNEY: Australia’s biggest health insurer Medibank Private Ltd, recently hit by a massive cyber hack, say the hacker could release more stolen data after the company refused to make ransom payments.

Some names, addresses, phone numbers, email addresses, passport numbers of international students and health claims data stolen from Medibank’s systems have already been released on a dark web forum, the company said in a statement.

“We expect the criminal to continue to release files on the dark web,” it added.

Local media has reported the stolen data was posted on a blog linked to ransomware crime group REvil, which some experts say has links to Russia.

Prime Minister Anthony Albanese said his government was working with investigators on the cyber hack, the latest in a string of data breaches which have rocked corporate Australia.

“This is really tough for people.

“I’m a Medibank private customer as well, and it will be of concern that some of this information has been put out there,” Albanese said during a media briefing.

It was not immediately clear whether the hacker has access to the prime minister’s medical or personal details.

Data of around 9.7 million current and former customers were compromised, Medibank has said.

Medibank shares have plunged 22% since the hack was revealed by the company on Oct 13. Shares were up nearly 2% in late morning trade yesterday. — Reuters