A ransomware gang that some believe is a relaunch of REvil and others track as BlogXX has claimed responsibility for last month's ransomware attack against Australian health insurance provider Medibank Private Limited.
Medibank released a statement explaining that it believes a payout could "encourage the criminal to directly extort our customers, and there is a strong chance that paying puts more people in harm's way by making Australia a bigger target."
Client data from Medibank, Australia’s largest health insurer, was released by an extortionist on Wednesday, including details of HIV diagnoses and drug abuse treatments, after the company refused to pay a ransom for the personal records of almost 10 million current and former customers.
It follows Medibank's refusal to pay a ransom for the data, supported by the Australian government.
A Georgia-based home healthcare and hospice provider will pay nearly $500,000 to the state of Massachusetts to end state litigation tied to a data breach affecting nearly 170,000 patients.