Cybercriminals are selling the sensitive data of almost 13 million Australians — for just $25,000 (2024)

Cybersecurity experts say the highly sensitive data of 12.9 million Australians, stolen from eScripts provider MediSecure, has already been sold on the dark web and is up for sale again.

The 6.5 terabyte trove contains identifying details such as names, phone numbers, addresses, and Medicare numbers, as well as sensitive medical information such as which drugs people had been prescribed and why.

MediSecure confirmed in May it was the victim of a ransomware attack in 2023, and last week revealed the scale of the breach, which puts it among the largest in Australian history.

It was previously unclear if the data had been sold, but cyber threat intelligence analysts say there's a strong indication that at least one sale has taken place.

As previously reported by the ABC, the data of almost one in two Australians was initially listed for sale with a price tag of $50,000.

The ABC can reveal the post now lists the data as sold, and a subsequent post on a separate dark web forum offers to resell the entire trove at half price — for $25,000.

Cybercriminals are selling the sensitive data of almost 13 million Australians — for just $25,000 (1)

Cybercriminals are selling the sensitive data of almost 13 million Australians — for just $25,000 (2)

Neither ad specifies a currency, but the default on such marketplaces is usually US dollars.

Both appear to have been listed by the same user, who goes by the moniker "Ansgar".

"Basically what they're saying is, 'We have sold this to one person, so we're going to lower the price from the original $50,000 to $25,000'," Jamie O'Reilly, founder of Australian company, Dvuln, which provides cybercrime intelligence services to large businesses, said.

At the original price, a buyer would be paying roughly $4 for the data of 1,000 Australians, and only $2 at the reduced rate.

"The types of people that would want this information are people who are going to be leveraging it further to exploit people," Mr O'Reilly said.

He said at that price, it would offer a lucrative return on investment.

Cybercriminals are selling the sensitive data of almost 13 million Australians — for just $25,000 (3)

"The thought process a cybercriminal's going to go through … is 'how much is it going to cost per record?' And then 'how much money can I make per record or per person?'"

"Even one of those 1,000 Australians has [the] potential to pay for the rest of the 1,000."

Dealing in doubt on the dark web

The secretive nature of dark web marketplaces means verifying whether the data has been sold is a near-impossible task.

Sales such as this one take place between anonymous parties under the cloak of encryption, and cyber security operatives need to infiltrate specific forums to monitor trades.

"We've got to build relationships with these people online — who are not just stealing the information, but also trading it — all while not being detected," Mr O'Reilly said.

While absolute verification is largely beyond reach, Mr O'Reilly and multiple other cybercrime intelligence specialists the ABC has spoken to believe it's highly likely at least one sale has taken place.

"I'm very confident that if someone has this data out there, which they clearly do, they would have found a way to monetise it," he said.

"This forum has been around for quite a long time, more than 10 years, and they do have a good reputation.

"If it does say sold, then I would assume by all means it was sold.

"What I don't know is the exact figure … did it sell for only $2,000 or $20,000?"

Mr O'Reilly says another unknown is when such a sale would have taken place, and that it could have happened any time after the initial ad was posted.

In a statement to the ABC, the National Cyber Security coordinator Lieutenant General Michelle McGuinness said "the Australian government is aware of continued advertisem*nts that purport to contain a dataset exfiltrated from MediSecure".

"We have not seen any information to suggest any data outside the initial sample has been published."

She also reiterated her advice to Australians not to go looking for the data.

"No one should access stolen sensitive or personal information … It can be a criminal offence to deal in stolen personal information and we should not feed into the business model of cyber criminals."

Breach adds missing pieces to a criminal 'mosaic' of data

Each large-scale data breach heightens the risk for Australians, according to the Privacy Commissioner Carly Kind.

"There is the risk of a mosaic approach whereby bad actors, data brokers, and others can now start to piece together the personal information … through multiple data breaches," she said.

MediSecure is just the most recent in a string of Australian companies to find itself compromised in such a way — Optus and Medibank were breached in 2022, and financial services company Latitude followed in 2023, with each incident affecting millions.

Cybercriminals are selling the sensitive data of almost 13 million Australians — for just $25,000 (4)

"So certainly, this recent breach risks aggravating an already bad situation," Commissioner Kind said.

"Most Australians should assume that at some point, their information has been out there at different levels," Mr O'Reilly said.

"All of this information put together in the right hands can be used against them."

Cyber intelligence experts say more breaches are likely taking place than are being publicly reported.

"There's this misconception that if you are hacked, it will be on the news," Mr O'Reilly said.

"This has only been a trend with ransomware because it fits their business model.

"There is a whole other world of hackers who existed way before ransomware gangs existed, who still just want to be quiet.

"It's important for companies to remember … just because it isn't in the news doesn't mean you haven't been hacked.

"The onus is on organisations and businesses to really take steps to protect individual Australians now," Commissioner Kind said.

"And that means looking after the data that they hold, but it also means not collecting and holding information that they don't need."

Loading...

Posted, updated

Cybercriminals are selling the sensitive data of almost 13 million Australians — for just $25,000 (2024)

FAQs

What data do you think cybercriminals can steal answer? ›

Usernames and passwords. Hackers target your login credentials to gain unauthorized access to your accounts. Work logins and information. Employee credentials and corporate data are attractive targets for cybercriminals, especially if you work for a high-profile company with valuable assets.

Where to report cyber crime in Australia? ›

You can report a cybercrime, cyber security risk, incident or vulnerability using ReportCyber. ReportCyber is the Australian Government's online cybercrime reporting tool. It is coordinated by the Australian Cyber Security Centre (ACSC).

Why do cybercriminals want your personal data? ›

Stolen personal information is fuel for identity theft

Criminals steal this data from online accounts to commit identity theft, such as using the victim's credit card or taking loans in their name.

How do cybercriminals get your information? ›

Cybercriminals gather personal information about their targets by using social engineering techniques, looking at social media accounts and collecting data that gets leaked from public data breaches.

What is the cybercrime law in Australia? ›

Cybercrime law

This includes a comprehensive set of computer and telecommunications offences under Parts 7.3, 10.6 and 10.7 of the Commonwealth Criminal Code Act 1995. They include: dishonestly obtaining or dealing in personal financial information . online child sexual exploitation and abuse.

What are the threats to cyber security in Australia? ›

According to the Government's Australian Cyber Security Centre (ACSC), threats might include cyber espionage that gathers intelligence in support of state-sponsored activities; cyber attacks that aim to destroy critical infrastructure; or criminals using the Internet as a means to defraud, or steal individual ...

What is the Australian government source of information on current cyber security threats? ›

Australian Cyber Security Centre (cyber.gov.au) provides a range of resources on cyber security for businesses, individuals and government, including the Australian Government Information Security Manual and the Essential Eight Maturity Model.

What type of information do cyber criminals steal? ›

Cybercriminals can steal any data, but they're mostly interested in legal names, logins, email addresses, and bank and social security numbers.

What is an example of data that can be stolen? ›

The data stolen can be anything from bank account information, online passwords, passport numbers, driver's license numbers, social security numbers, medical records, online subscriptions, and so on.

What do cybercriminals use the most? ›

Common Tactics Used by Cybercriminals

Phishing campaigns involve sending malicious links through various channels, such as email, voice calls (vishing), SMS (smishing), or even through personalized spear phishing, to trick individuals into revealing sensitive information.

What are the three types of cybercriminals? ›

Types of Cyber Criminals
  • Hackers.
  • Organized Hackers.
  • Internet Stalkers.
Jun 19, 2024

Top Articles
The Kyiv-Kosovo Catalyst: Ukraine’s Recognition of Kosovo Can Affirm Western Order in the Balkans and Across Europe - The SAIS Review of International Affairs
How the Kosovo Air War Foreshadowed the Crisis in Ukraine
Bez.talanta Leaks
Look Who Got Busted New Braunfels
80 For Brady Showtimes Near Cinemark At Harlingen
Savannah Rae Demers Fanfix
Dryers At Abc Warehouse
Dr Paul Memorial Medical Center
Married At First Sight Novel Serenity And Zachary Chapter 950
Accident On May River Road Today
Ticket To Paradise Showtimes Near Laemmle Newhall
Ingersoll Greenwood Funeral Home Obituaries
Calculator Souo
Dangerous Cartoons Act - Backlash
Flappy Bird Cool Math Games
Blue Beetle Showtimes Near Regal Independence Plaza & Rpx
Craigslist Westchester Cars For Sale By Owner
Journeys Employee Discount Limit
Punishment - Chapter 1 - Go_mi - 鬼滅の刃
Ice Dodo Unblocked 76
Kaylani Lei Photos
Cavender’s 50th Anniversary: How the Cavender Family Built — and Continues to Grow — a Western Wear Empire Using Common Sense values
H. P. Lovecraft - Deutsche Lovecraft Gesellschaft
636-730-9503
Wash World Of Lexington Coin Laundry
Bx9 Bus Schedule
Eros Cherry Hill
Syracuse Deadline
Devil May Cry 3: Dante's Awakening walkthrough/M16
Tulare Lake’s ghostly rebirth brings wonder — and hardship. Inside a community's resilience
Free Stuff Craigslist Roanoke Va
247 Transfer Portal Rankings Basketball
Riverwood Family Services
Rennlist Com Forums
Fade En V Pelo Corto
Dust Cornell
Sdn Ohio State 2023
Acbl Homeport
Uc Davis Tech Management Minor
Upc 044376295592
Sdn Md 2023-2024
Ohio State Football Wiki
Kens5 Great Day Sa
P1 Offshore Schedule
Stroom- of gasstoring? | Stedin
How Did Kratos Remove The Chains
Florida-Texas A&M: What You Need to Know - Florida Gators
Doctor Strange in the Multiverse of Madness - Wikiquote
Subway Surfers Unblocked Games World
Pizza Mia Belvidere Nj Menu
Costco Gas Price Pembroke Pines
The Emperor's New Groove | Rotten Tomatoes
Latest Posts
Article information

Author: Greg O'Connell

Last Updated:

Views: 5629

Rating: 4.1 / 5 (42 voted)

Reviews: 89% of readers found this page helpful

Author information

Name: Greg O'Connell

Birthday: 1992-01-10

Address: Suite 517 2436 Jefferey Pass, Shanitaside, UT 27519

Phone: +2614651609714

Job: Education Developer

Hobby: Cooking, Gambling, Pottery, Shooting, Baseball, Singing, Snowboarding

Introduction: My name is Greg O'Connell, I am a delightful, colorful, talented, kind, lively, modern, tender person who loves writing and wants to share my knowledge and understanding with you.