Content |
History
2022
Draining data of all customers of the company
In early December 2022, the Federal Police Australia accused hackers from the group REvil of stealing the personal data of customers of the country's largest medical insurance company. Medibank The company confirmed the theft of data, estimating the damage at $20 million and recognizing the victims. The corresponding statement by AFP Commissioner Reese Kershaw was published on the agency's website. According to hackers, they posted the data of all customers in the public domain.
The attackers posted the update on their dark web blog early in the morning of December 1, 2022, with the inscription: Happy Cybersecurity Day!!! The folder you added is full. Case dismissed. |
Australian police know the names of those responsible for hacking the Medibank database and are in contact with Russian law enforcement, according to the Australian Federal Police (AFP) commissioner. He added that the crime could affect "millions of Australians" and damage large Australian businesses.
Previously, cybercriminals from Medibank published data including customer names, dates of birth, passport numbers, information about medical claims and confidential files related to abortions and alcohol-related illnesses. Some of the data included in the editorial office of TechCrunch contains correspondence between cybercriminals and Medibank CEO David Kochkar, including a message in which hackers threaten to leak "credit card decryption keys," despite Medibank's assertion that no access to bank data or credit card data was carried out.
The "full" folder contained six buttoned-up files with raw data, according to Medibank. The cache of more than six gigabytes is much larger than all previous company leaks created by cybercriminals earlier. In November 2022, Medibank confirmed that the attackers took possession of the personal data of 9.7 million customers and data on medical claims of almost 500 thousand customers.[1]
All Customer Data Breach Acknowledgement
On October 25, 2022, the Australian insurance company Medibank, one of the largest in the country, announced that during a recent cyber attack, attackers could steal personal information about all its customers. The consequences of the hack turned out to be much larger than previously assumed.
The invasion was made on October 12, 2022. Then Medibank recorded suspicious activity on its network, but at the same time stated that there was no evidence of identity theft. A subsequent investigation found that this was not the case. The company's IT infrastructure was attacked by a ransomware program, before the implementation of which criminals extracted the entire Medibank client database. Moreover, later one of the ransomware contacted the company, reporting the theft of 200 GB of information. As proof, he provided about 100 stolen files.
As now reported, the attackers could have personal information about all Medibank customers (about 2.8 million people) and a large number of records complaining of health problems. The same goes for all ahm customers. Finally, data on foreign student clients and their complaints about the state of health could be stolen.
In this regard, Medibank promises to provide comprehensive support to its customers. It includes monetary compensation; free identity confirmation services for customers whose primary ID has been compromised; reimbursement of expenses for re-registration of identity documents; consulting with personal data protection specialists; access to a dedicated Medibank support line.
Meanwhile, after a series of high-profile data breaches that several Australian firms have faced in recent times, the government has begun work on a bill to tighten the liability for the theft of personal information. We are talking, among other things, about increasing fines.[2]