Medibank Hackers Begin Publishing Data

It has been announced that the criminals behind the Medibank data breach have published some of the stolen data online. On Wednesday the names, addresses, birthdates and Medicare details of about 200 customers started appearing on the dark web under a “good-list” and a “naughty-list”. The health insurer has warned that more stolen data, including passport numbers, will also be published after the first files were released overnight.

Subscribe
Notify of
guest

1 Expert Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Julia O’Toole
Julia O’Toole , Founder and CEO
Industry Leader
November 9, 2022 7:00 pm

The publishing of the data on the dark web was expected after Medibank refused to pay the attacker’s ransom demand. However, this seems like a risk Medibank was willing to take, even though this could significantly compromise its customers. 

Whether this was a move to stand up against the attackers, it is customers who are now paying the price.

The health information of 200 private citizens posted online so far is highly confidential and can’t be changed. Losing the privacy of such information is not only devastating, but victims must also be on the lookout for phishing scams coming not just through email, but also via the phone and post. Furthermore, the risk of identity theft has just skyrocketed for each of these people now.

For organisations, there is no winning choice once their data is breached. That is why it is recommended they segment and control their access before such breaches occur.

Unfortunately, in the case of Australia, we may not have seen the end of this long chain of attacks that has rocked the country in recent months. Other countries should be warned this can become a template for other criminals to follow.

Last edited 21 days ago by Julia O’Toole
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x