Simon Sharwood reports:
Australian health insurer Medibank – which spent October discovering a security incident was worse than it first thought – has announced it will not pay a ransom to attackers that made off with personal info describing nearly ten million customers.
“Based on the extensive advice we have received from cyber crime experts we believe there is only a limited chance paying a ransom would ensure the return of our customers’ data and prevent it from being published,” CEO David Koczkar stated in a stock market filing published on Monday.
Read more at The Register.
Medibank has also updated its incident reporting/update page today.
Update: The dark web leak site generally referred to as REvil’s site has posted:
“A man who has committed a mistake and doesn’t correct it is committing another mistake. -Confucius”
Data will be publish in 24 hours
P.S I recommend to sell medibank stocks.