“The Australian Federal Police have said they will take swift action against anyone attempting to benefit,exploit or commit criminal offences using stolen Medibank customer data.
“We continue to work closely with the Australian Federal Police who are focused,as part of Operation Guardian,on preventing the criminal misuse of this data.”
The AFP has no comment as this is an ongoing investigation.
Cybersecurity site Cyberknow reports that the Medibank data has started to circulate from a blog that has been linked to REvil,a ransomware gang with strong Russian links,to other forums.
“This is a standard part of the ecosystem,” Cyberknow posted on Twitter on Tuesday morning.
The data has been posted to a number of sites,according to Brett Callow,a threat analyst at Emsisoft.
This masthead revealed on Tuesday that the hackers also stole data on Medibank employees,including mobile and work device numbers,which potentially opens up new vulnerabilities for its computer systems.