Read Time:1 Minute, 41 Second

During the ASX 2023 filing, Australia’s largest health insurer Medibank revealed how the hackers could get into their systems. According to the company’s statement, a stolen Medibank username and password were the key for the attack to be successful.

In October 2022, the company officially reported that a cyber attack hit it. A sample of data from some 9.7 million clients has been posted on the dark web. It included names, birth dates, passport numbers, and medical claims information.

Medibank CEO David Koczkar reports, “We remain committed to fully and transparently communicating with customers, and we will contact customers whose data has been released on the dark web. “The weaponisation of people’s private information to extort payment is malicious, and it attacks the most vulnerable members of our community.”

The attackers were able to gain access to the sensitive data of around 9.7 million customers, including Prime Minister Anthony Albanese. Cybersecurity experts and the Australian Federal Police believe that the criminals were part of the Russian ransomware criminal organisation REvil, though the attackers have not fully acknowledged this statement.

When Medibank refused to pay for the ransom, the hackers began publishing lists of customers on the dark web. The hackers published two lists they called naughty and nice. Sensitive medical information of customers was made available to other threat actors.

But recently, the company divulged how the attackers could get into their systems. CRN Tech writer Juha Saarinen noted that “That login was used by an unnamed third-party IT services provider for Medibank. With the stolen credentials, the hacker got through Medibank’s network through a misconfigured firewall appliance, which did not require an additional digital security certificate.”

The attack cost Medibank $26.2 million, and with this, the company has improved its cybersecurity protocols. The company ensured its firewall authentication was configured correctly and introduced the Operation Safeguard testing with Microsoft security experts. The company’s contact centres have also utilised two-factor authentication (2FA) as a security measure for customers calling in.

About Post Author

George Walsh

george@writefuel.com
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0
0 0
In, ,
Previous post One of Canada’s Largest Telecommunication Providers Has Purportedly Investigating A Potential Breach
Next post Australians Qualify to Subscribe to Facebook’s New “Meta Verified” Service for $20 per Month

More Stories