Received

Medibank has warned more customer data stolen by hackers, including passport numbers, will be uploaded to the dark web after the first files were dropped overnight.

The data trickle includes names, birthdates, addresses, email addresses, phone numbers, health claims information, Medicare numbers for Medibank's ahm customers and passport numbers for international student clients.

There are grave concerns digital criminals will exploit the data, which began appearing on a ransomware group's blog in the early hours of Wednesday under "good-list" and "naughty-list".

"The files appear to be a sample of the data that we earlier determined was accessed by the criminal," Medibank said on Wednesday.

"We expect the criminal to continue to release files on the dark web."

Medibank has promised to tell customers what data it believes has been stolen, if any of their data is included in the files on the dark web and give advice on what to do.

Cyber Security Minister Clare O'Neil labelled the hacking the "lowest of lows", noting that while only a small number of people's personal health information had been shared so far, that was likely to change.

"I cannot articulate the disgust I have for the scumbags who are at the heart of this criminal act," she told parliament.

"People are entitled to keep their health information private, even amongst ransomware attackers, the idea of releasing personal medical information of other people is considered beyond the pale."

Ms O'Neil said Australia's cyber security was five years behind where it needed to be and the government was working hard to rectify that.

The Australian Federal Police have expanded their joint initiative with state and territory police set up to investigate September's Optus data breach to also target the Medibank hack.

"Operation Guardian will be actively monitoring the clear, dark and deep web for the sale and distribution of Medibank Private and Optus data," AFP Assistant Commissioner Cyber Command Justine Gough said.

"This is not just an attack on an Australian business. Law enforcement agencies across the globe know this a crime type that is borderless and requires evidence and capabilities to be shared."

Medibank had rejected hacker demands it pay a ransom in return for the data not being released.

The ransomware group indicated in a post seen by AAP, it was releasing data bit by bit because of its complexity.

"Looking back that data is stored not very understandable format (table dumps) we'll take some time to sort it out," the post accompanying the lists said.

"We'll continue posting data partially, need some time to do it pretty."

The hackers also appeared to have released screenshots of private messages recently exchanged with Medibank representatives.

Medibank has previously confirmed that details of almost 500,000 health claims have been stolen along with personal information, after the unnamed group hacked into its system weeks ago.

Some 9.7 million current and former customers have been affected.

No credit card or banking details were accessed.

Deputy Liberal leader Sussan Ley called on the government to release money put aside by the former coalition to bolster business defence against hackers.

"Release the $60 million of funding we had put aside in grants that would go towards organisations to make them more resilient in the face of cyber attacks," she told reporters.

"We need a plan to address the concerns of everyday Australians, particularly when their sensitive health information has been leaked."

© AAP 2022

MPs have warned new workplace laws could greatly affect small businesses, as debate continues on the contentious reforms.

The government is attempting to pass its workplace bill, which would allow for multi-employer bargaining, by the end of the year.

But opposition and crossbench MPs have accused Labor of trying to shut down debate.

Debate is expected to run well into the night on Wednesday before a vote in the lower house on Thursday.

The Senate will then have just two sitting weeks to consider the bill before parliament rises for the year.

Independent MP Dai Le said the proposed changes would be a burden for small businesses.

"The bill itself has more layers than an onion, and as you try to peel back you can't help but cry at the layers on top of more regulatory requirement for employers, especially those smaller businesses who can't afford lawyers," she told parliament on Wednesday.

"Why is the government rushing into this with Christmas around the corner, on such important legislation that will have unintended consequences."

Several MPs have backed calls for the bill to split, to ensure that non-contentious elements of the legislation like pay increases for workers could be passed quickly.

Negotiations are still ongoing with crossbench members of the upper house, with independent David Pocock saying he has yet to make up his mind on supporting the bill.

Greens leader Adam Bandt said the minor party would support the bill in the lower house, before considering if further changes needed to be made once debate reaches the Senate.

Labor will need the Greens plus one crossbench senator to pass the bill.

Mr Bandt said he was supportive of many elements of the bill, but wanted to ensure employees would not be left worse off.

"We don't want loopholes in this bill that might allow people to go backwards, and I think that's the government's intention as well," Mr Bandt told reporters in Canberra on Wednesday

"We want to make sure that this bill has a good floor."

The Greens leader said negotiations were continuing with the government.

He said he was happy with the bill's position on multi-employer bargaining with amendments that have been proposed.

Opposition Leader Peter Dutton has called a three-month review of the legislation, rather than it be raced through parliament by the end of the year, along with scrapping changes to multi-employer bargaining.

He warned the bargaining changes would lead to more strike action across the country.

Crossbench MP Rebekha Sharkie has called on the government to expand the definition of small businesses in the bill from 15 to up 100 employees, to ensure that smaller businesses would not be impacted by bargaining changes.

Ms Sharkie also wants an inquiry into the bill's proposal to scrap the Australian Building and Construction Commission

Workplace Relations Minister Tony Burke has insisted the legislation is urgent in order to get stagnant wages moving as soon as possible.

Further amendments to the bill are expected to be debated, with more likely to be considered once a Senate report into the proposed laws is handed down later this month.

"The current bargaining system will not deliver pay equity and the rules they need to be changed," he said.

© AAP 2022

A ransomware group has begun posting client data stolen from Australia's largest health insurer on the dark web.

Hundreds of names, addresses, birthdates and Medicare details were being posted under "good-list" and "naughty-list" on a blog belonging to the group.

The hackers had demanded a ransom to stop them from releasing the data, but Medibank earlier this week said it would not pay it because it would encourage further crime.

Shortly after midnight, the group posted the first lists.

"Looking back that data is stored not very understandable format (table dumps) we'll take some time to sort it out," they said in the early hours of Wednesday.

"We'll continue posting data partially, need some time to do it pretty."

The hackers also appeared to have revealed screenshots of private messages recently exchanged between themselves and Medibank representatives.

Medibank has previously confirmed almost 500,000 health claims were stolen by the hackers, along with personal information, when the unnamed group hacked into its system weeks ago.

Some 9.7 million current and former customers have been affected.

No credit card or banking details were accessed.

On Tuesday, the ransomware group posted to its blog that "data will be publish (sic) in 24 hours".

"P.S. I recommend to sell (sic) medibank stocks."

Medibank apologised again to clients past and present on Tuesday. It advised customers to be alert for any phishing scams via phone, post or email.

"We knew the publication of data online by the criminal could be a possibility but the criminal's threat is still a distressing development for our customers," CEO David Koczkar said on Tuesday.

Home Affairs Minister Clare O'Neil said Medibank's decision not to pay a ransom to cyber criminals was in line with government advice.

Medibank is certainly not alone in refusing to pay a ransom demand, with a recent report finding 19 per cent of Australian companies responded to ransomware attacks by paying the fee.

Mimecast's 2022 State of Ransomware Readiness report found 20 per cent of companies were asked to pay between $500,000 and $999,999 for their information

Some 13 per cent of the businesses surveyed said the total cost of the ransomware attacks they'd experienced was between $1 million and $2 million.

At a Senate estimates hearing on Tuesday, Australian Federal Police commissioner Reece Kershaw told businesses to make sure they contact authorities as early as possible if they suspect a possible data breach.

With the FBI now helping the AFP track down those behind the Medibank and Optus data breaches, Mr Kershaw said investigating would be long and complex.

"The longer it takes relevant agencies to be informed, the harder it is for perpetrators to be identified, disrupted or brought to justice," he told senators.

© AAP 2022