9 Million Customer Records

August 22, 2024


Over the last two months, a frightening data leak in Australia has exposed the private medical information of 9.7 million customers. Medibank, a leading private health insurer, has been the victim of a ransomware attack that began in mid-October. The group claiming responsibility initially demanded a ransom of $10 million but lowered it to $9.7 million to make it an even dollar for each customer affected in the breach. Experts have advised Medibank not to pay the hackers, and so far, they are taking this advice, realizing that the chance of any data being returned or deleted is slim to none. However, the hackers are not taking it well and have begun to publish the data, organized into distasteful categories based on the medical services requested. Let's review how the incident developed.


Timeline of the Breach


Medibank found unusual activity on its servers on October 12th and reported it the next day, saying they had no evidence that customer data had been accessed. After isolating and restarting core systems over the next two days, Medibank attempted to resume business as usual.


On October 17th, Medibank released a statement that the breach was "consistent with a possible ransomware threat." At this time, they added additional security measures and called in cybersecurity experts. Up to this point, no evidence of exfiltration of customer data had been found. Some customer services were cautiously brought back online.


Medibank confirmed on October 20th that data sent to them by the hacking group was legitimate. Over the next few days, an official investigation began with the Australian Federal Police, and Medibank created a support package of services to help those affected. These services include access to specialized teams to help those who were becoming the victims of ID theft and scam attempts.


After a few weeks of damage control, Medibank publicly announced on November 7th that they would not be paying the ransom. By not paying the ransom, Medibank sent the message that criminals will not be rewarded for extorting customers' information. The next day, the data began to be slowly leaked to dark web forums and offered for sale.


On November 11th, the Australian Federal Police and Interpol claimed they had evidence that the hacker group was in Russia. However, there are some indications that the hackers may be linked to REvil, also known as Sodinokibi, the organized crime group responsible for the JBS Foods attack last June.


As of the date of this article, November 15th, Australian and international authorities are attempting to work with Russian police to find the hackers responsible for the attack. Meanwhile, leaked data keeps being uploaded, and consumers are advised to keep a close eye on their credit reports for any unusual changes.


No matter how large or small your company is, if you collect PII, you are a target. Hackers know that PII is valuable and that companies will (or should) do everything they can to protect it. If your company collects data, consider this one of many examples of what happens when cybersecurity is lacking. Due to moves from both the SEC and FTC this year, it is becoming clear that federal regulations are coming down the pipe that will make businesses more liable for the protection they can provide for their customers' data. iTecs can protect your data and teach your employees current best practices for safeguarding sensitive material. You can prevent the next cyberattack with a simple phone call to us - contact an iTecs professional today.

