1
00:00:00,920 --> 00:00:04,680
Speaker 1: This is gem Nation with Jones and land Well. The

2
00:00:04,720 --> 00:00:07,280
Speaker 1: hackers of Medicare threatened that they would release the data

3
00:00:07,280 --> 00:00:10,360
Speaker 1: of millions of Australians if their demands weren't met. At

4
00:00:10,440 --> 00:00:13,640
Speaker 1: two am this morning, the hackers posted some details, including

5
00:00:13,680 --> 00:00:17,320
Speaker 1: phone numbers and Medicare numbers, to a dark web forum.

6
00:00:18,040 --> 00:00:21,599
Speaker 1: Well what does this mean not just for Medicare customers

7
00:00:21,640 --> 00:00:24,240
Speaker 1: but for everyday Australians. How worried should we be? How

8
00:00:24,239 --> 00:00:27,640
Speaker 1: can we protect ourselves? Australia's leading tech expert, Trevor long

9
00:00:27,760 --> 00:00:30,280
Speaker 1: Joys is now to explore it or with us. Hello Trevor,

10
00:00:30,320 --> 00:00:31,440
Speaker 1: how are you morning?

11
00:00:31,520 --> 00:00:33,840
Speaker 2: Matter? I'm very well, So what does this mean?

12
00:00:33,920 --> 00:00:35,920
Speaker 1: Tell us what's happening? If you wake up this morning

13
00:00:35,920 --> 00:00:37,720
Speaker 1: and you're with Medicare and you hear that at two

14
00:00:37,760 --> 00:00:39,800
Speaker 1: AMS some of the data was released.

15
00:00:40,280 --> 00:00:42,960
Speaker 2: Yeah, this is It will concern people. I'm a medibank

16
00:00:42,960 --> 00:00:45,560
Speaker 2: customer and you know it worries me that my health

17
00:00:45,640 --> 00:00:47,959
Speaker 2: information might be released to the public. But I look

18
00:00:48,000 --> 00:00:49,639
Speaker 2: at mine and go I'm not too stressed because it's

19
00:00:49,640 --> 00:00:52,320
Speaker 2: not that bad. But I've looked this morning, Amanda and

20
00:00:52,400 --> 00:00:55,279
Speaker 2: jonesiet some of the data this hacker has released, and

21
00:00:55,720 --> 00:00:58,600
Speaker 2: while it's only a couple hundred people. It is. It's

22
00:00:58,680 --> 00:01:00,920
Speaker 2: personal information like you name, it, address, and phone number,

23
00:01:00,960 --> 00:01:04,720
Speaker 2: but it's also where you've been treated and for what

24
00:01:04,800 --> 00:01:08,440
Speaker 2: you've been treated, so for example, it might be a hospital.

25
00:01:08,480 --> 00:01:11,440
Speaker 2: And then it has diagnosis codes, so it's not written

26
00:01:11,480 --> 00:01:14,120
Speaker 2: that you have diabetes or a mental health problem. But

27
00:01:14,319 --> 00:01:18,679
Speaker 2: those codes are common in the medical insurance industry, and

28
00:01:19,120 --> 00:01:20,960
Speaker 2: I've simply googled a few of the codes to work

29
00:01:20,959 --> 00:01:24,560
Speaker 2: out what they are. So for people out there who

30
00:01:24,600 --> 00:01:27,760
Speaker 2: are medibank customers, and there's five hundred thousand of them

31
00:01:27,760 --> 00:01:31,200
Speaker 2: who are most affected, there the hacker has their medical information.

32
00:01:31,560 --> 00:01:33,840
Speaker 2: The other nine point two million, they have a lot

33
00:01:33,840 --> 00:01:36,319
Speaker 2: of information about you, but not the medical stuff. So

34
00:01:37,319 --> 00:01:39,760
Speaker 2: it's a worrying thing because we worry about the things

35
00:01:39,760 --> 00:01:41,600
Speaker 2: that we might not have told people. It didn't need

36
00:01:41,600 --> 00:01:44,560
Speaker 2: to tell people like our employer or our mates about

37
00:01:44,560 --> 00:01:47,360
Speaker 2: our medical conditions that may now become public.

38
00:01:48,240 --> 00:01:51,920
Speaker 3: The manibank hack happened, and then pretty much the next

39
00:01:52,000 --> 00:01:55,800
Speaker 3: day or two days later, I got my bank contacted me.

40
00:01:55,840 --> 00:01:58,560
Speaker 3: They had to cancel my debit card because it had

41
00:01:58,560 --> 00:02:00,400
Speaker 3: been hacked, to the tune of three out of ninety

42
00:02:00,440 --> 00:02:04,560
Speaker 3: dollars by Apple California. Would that be a result of

43
00:02:04,560 --> 00:02:06,680
Speaker 3: that because I'm with Medibank and they do have my

44
00:02:06,760 --> 00:02:09,720
Speaker 3: banking details, can they get into my bank account?

45
00:02:10,080 --> 00:02:14,919
Speaker 2: No, No financial credit card details were obtained in either

46
00:02:14,960 --> 00:02:18,160
Speaker 2: the Optics or the Medibank hacks that we're aware of,

47
00:02:18,880 --> 00:02:21,160
Speaker 2: and both companies have said that pretty clearly, so they

48
00:02:21,200 --> 00:02:24,800
Speaker 2: would know. Unfortunately, right now we've got that situation where

49
00:02:24,800 --> 00:02:28,760
Speaker 2: every scam or every problem we have with cybersecurity appears

50
00:02:28,760 --> 00:02:31,000
Speaker 2: to be linked to these when they're probably not. But

51
00:02:31,560 --> 00:02:33,800
Speaker 2: it's raised awareness for us all around the kind of

52
00:02:33,800 --> 00:02:36,720
Speaker 2: things that can happen, because actually the biggest risk right

53
00:02:36,720 --> 00:02:39,560
Speaker 2: now isn't in this case identity fraud or anything like that,

54
00:02:39,720 --> 00:02:43,320
Speaker 2: it's just scams. For example, that the people who are

55
00:02:43,320 --> 00:02:46,360
Speaker 2: in this list that have been published now, they're likely

56
00:02:46,400 --> 00:02:49,720
Speaker 2: to get emails that are demanding a ransom. Hey pay

57
00:02:49,760 --> 00:02:52,280
Speaker 2: me a thousand dollars or I will release your information

58
00:02:52,360 --> 00:02:55,200
Speaker 2: to your employer, and they will scare those people, and

59
00:02:55,800 --> 00:02:58,360
Speaker 2: as it should, but there's nothing you can do to

60
00:02:58,360 --> 00:03:03,000
Speaker 2: prevent it being published, shared, or used by other cyber

61
00:03:03,000 --> 00:03:06,040
Speaker 2: hackers and criminals to scam you, and certainly don't pay it.

62
00:03:06,160 --> 00:03:07,880
Speaker 1: No, is that the advice don't pay it.

63
00:03:08,520 --> 00:03:11,480
Speaker 2: Do not pay it, because I've tested this with an

64
00:03:11,520 --> 00:03:14,320
Speaker 2: Instagram hacker. My a friend of my son's lost his

65
00:03:14,400 --> 00:03:16,320
Speaker 2: Instagram account to a hacker, and so I paid the

66
00:03:16,320 --> 00:03:18,720
Speaker 2: fifty dollars bitcoin and then he asked for another twenty.

67
00:03:18,760 --> 00:03:20,560
Speaker 2: I paid that twenty, asked for another thirty, and I

68
00:03:20,639 --> 00:03:23,480
Speaker 2: just realized that's where it's going. And then how they work.

69
00:03:23,560 --> 00:03:26,359
Speaker 2: Once they know you're on the hook, they keep reeling

70
00:03:26,400 --> 00:03:29,280
Speaker 2: new in and reeling you in. So by acknowledging even

71
00:03:29,320 --> 00:03:32,800
Speaker 2: that you exist, by replying, you are putting yourself further

72
00:03:32,840 --> 00:03:36,080
Speaker 2: onto the hook. So as hard as it is, you

73
00:03:36,160 --> 00:03:38,440
Speaker 2: have to ignore it, you have to delete it, and

74
00:03:38,480 --> 00:03:41,440
Speaker 2: you have to confront the fact that the information may

75
00:03:41,480 --> 00:03:43,240
Speaker 2: be out there. But one of the things I've said

76
00:03:43,280 --> 00:03:45,360
Speaker 2: a lot in the last week is this is really

77
00:03:45,440 --> 00:03:48,000
Speaker 2: up to us as Australians and the media as to

78
00:03:48,040 --> 00:03:51,280
Speaker 2: how valuable this data is. Because if we don't give

79
00:03:51,320 --> 00:03:54,280
Speaker 2: it any credibility or credence in terms of you know,

80
00:03:54,400 --> 00:03:56,960
Speaker 2: treating our friends or family differently because we find out

81
00:03:56,960 --> 00:04:00,320
Speaker 2: about a diagnosis they had, then the data is valueless.

82
00:04:00,480 --> 00:04:02,040
Speaker 2: And I think that's the best thing we can do

83
00:04:02,160 --> 00:04:04,520
Speaker 2: is is put our arms around each other and go,

84
00:04:04,600 --> 00:04:07,280
Speaker 2: I don't care what your diagnosis has been is or whatever,

85
00:04:07,560 --> 00:04:11,720
Speaker 2: and certainly we will never publish or share this information online.

86
00:04:12,080 --> 00:04:15,280
Speaker 1: Right Medibank has stated publicly that it's not going to

87
00:04:15,320 --> 00:04:18,640
Speaker 1: pay the ransom. Is this the right decision because more

88
00:04:18,680 --> 00:04:20,440
Speaker 1: and more companies are going to be in this position.

89
00:04:21,080 --> 00:04:23,320
Speaker 2: It's going to feel like the wrong decision today because

90
00:04:23,400 --> 00:04:27,359
Speaker 2: the hacker has released all the communication between themselves and medibank,

91
00:04:27,400 --> 00:04:30,719
Speaker 2: and it's a wild ride. It's like reading a novel

92
00:04:31,160 --> 00:04:33,120
Speaker 2: the way the communication went back and forward, and it

93
00:04:33,240 --> 00:04:36,640
Speaker 2: ended with Medibank saying, after considering all options, we've made

94
00:04:36,680 --> 00:04:39,240
Speaker 2: a decision that we cannot pay your demand and confirm

95
00:04:39,279 --> 00:04:42,000
Speaker 2: that it's also Australian government policy not to and they say,

96
00:04:42,040 --> 00:04:45,279
Speaker 2: we understand the impact this may have, essentially acknowledging that

97
00:04:45,360 --> 00:04:47,120
Speaker 2: we know you're going to release it, but we're not

98
00:04:47,160 --> 00:04:49,039
Speaker 2: going to pay the ransom. And it is the right

99
00:04:49,080 --> 00:04:51,920
Speaker 2: thing to do because by paying the ransom, they're simply

100
00:04:51,960 --> 00:04:55,560
Speaker 2: telling every cyber criminal in the world that Australia is

101
00:04:55,600 --> 00:04:56,920
Speaker 2: a place where ransoms are paid.

102
00:04:57,120 --> 00:04:58,760
Speaker 3: Yeah, we can't have that, can't have that.

103
00:04:58,760 --> 00:05:02,560
Speaker 1: But awful for all this information.

104
00:05:02,560 --> 00:05:03,200
Speaker 2: You know, I care.

105
00:05:03,240 --> 00:05:05,200
Speaker 3: If people know about my ailments, I'll tell you about

106
00:05:05,200 --> 00:05:05,680
Speaker 3: them right now.

107
00:05:05,720 --> 00:05:07,599
Speaker 1: Yeah, that you're in a position where that's okay. For

108
00:05:07,600 --> 00:05:09,280
Speaker 1: a lot of people, that's not right. So we take

109
00:05:09,320 --> 00:05:11,480
Speaker 1: the sting out of the tail by embracing our friends

110
00:05:11,480 --> 00:05:14,160
Speaker 1: and saying we don't care. Is that right, Trevor, that's right.

111
00:05:14,600 --> 00:05:16,920
Speaker 2: The best thing we can do is to ignore what

112
00:05:16,960 --> 00:05:20,240
Speaker 2: you're reading and hear about individual cases. And if one

113
00:05:20,240 --> 00:05:22,920
Speaker 2: of your friends seems to be affected by this, yeah,

114
00:05:23,000 --> 00:05:25,000
Speaker 2: throw your arm around them and tell them that we're

115
00:05:25,040 --> 00:05:27,640
Speaker 2: all all in this together and there's no impact on

116
00:05:27,760 --> 00:05:31,280
Speaker 2: any person's working or friend relationship around a little bit

117
00:05:31,279 --> 00:05:32,000
Speaker 2: of health information.

118
00:05:32,080 --> 00:05:34,480
Speaker 1: Well, let's hope employers feel this respect.

119
00:05:35,320 --> 00:05:37,680
Speaker 3: What's a whole employer that you never know?

120
00:05:37,839 --> 00:05:38,600
Speaker 1: You never know?

121
00:05:39,000 --> 00:05:42,279
Speaker 3: Well, Trevor, thank you for providing clarity. Head to E

122
00:05:42,360 --> 00:05:46,400
Speaker 3: F t M dot com for all Trevor Long's take advice, Trevor,

123
00:05:46,400 --> 00:05:48,320
Speaker 3: Thank you, Jeers, guys, thank you.

124
00:05:48,360 --> 00:05:48,720
Speaker 1: Trevor.