9 Million Customer Records

August 22, 2024

9 Million Customer Records

Over the last two months, a frightening data leak in Australia has exposed the private medical information of 9.7 million customers. Medibank, a leading private health insurer, has been the victim of a ransomware attack that began in mid-October. The group claiming responsibility initially demanded a ransom of $10 million but lowered it to $9.7 to make it an even dollar for each customer affected in the breach. Experts have advised Medibank not to pay the hackers, and so far, they are taking this advice, realizing that the chance of any data being returned or deleted is slim to none. However, the hackers are not taking it well and have begun to publish the data, organized into distasteful categories based on the medical services requested. Let's review how the incident developed.


Timeline of the Breach


Medibank found unusual activity on its servers on October 12th and reported it the next day, saying they had no evidence that customer data had been accessed. After isolating and restarting core systems over the next two days, Medibank attempted to resume business as usual.


On October 17th, Medibank released a statement the same day that the breach was "consistent with a possible ransomware threat." At this time, they added additional security measures and called in cybersecurity experts. Up to this point, no evidence of exfiltration of customer data was found. Some customer services are cautiously brought back online.


Medibank confirmed on October 20th, that data sent to them by the hacking group was legitimate. Over the next few days, an official investigation begins with the Australian Federal Police, and Medibank creates a support package of services to help those affected. These services include access to specialized teams to help those who were becoming the victims of ID theft and scam attempts.


After a few weeks of damage control, Medibank publicly announced on November 7th that they would not be paying the ransom. By not paying the ransom, Medibank sends the message that criminals will not be rewarded for extorting customers' information. The next day, the data begins to be slowly leaked to dark web forums and offered for sale.


On November 11th, the Australian Federal Police and Interpol claimed they had evidence that the hacker group was in Russia. However, there are some indications that the hackers may be linked to REvil, AKA the Sodinokibi organized crime group responsible for the JBS Foods attack last June.


As of the date of this article, November 15th, Australian and International authorities are attempting to work with Russian Police to find the hackers responsible for the attack. Meanwhile, data leaks keep being uploaded, and consumers are advised to keep a close eye on their credit reports for any unusual changes.


No matter how large or small your company is, if you collect PII, you are a target. Hackers know that PII is valuable and that companies will (or should) do everything they can to protect it. If your company collects data, consider this one of many examples of what happens when cybersecurity is lacking. Due to moves from both the SEC and FTC this year, it is becoming clear that federal regulations are coming down the pipe that will make businesses more liable for the protection they can provide for their customers' data. iTecs can protect your data and teach your employees current best practices for safeguarding sensitive material. You can prevent the next cyberattack with a simple phone call to us - contact an iTecs professional today.


Latest posts

Facing the Challenges of Legacy System Modernization: Keys to Successful Cloud Migration
November 3, 2024

Facing the Challenges of Legacy System Modernization: Keys to Successful Cloud Migration

Discover the keys to successful cloud migration for modernizing legacy systems. Overcome challenges and enjoy the benefits. Check this out!
Safeguarding the E-commerce Landscape: Online Retail Cybersecurity Essentials
October 27, 2024

Safeguarding the E-commerce Landscape: Online Retail Cybersecurity Essentials

Learn the key cybersecurity measures needed to protect your e-commerce business and ensure transactions are safe and secure. Contact us now!
Protecting Intellectual Property: Cybersecurity Best Practices for Innovation-driven Industries
October 20, 2024

Protecting Intellectual Property: Cybersecurity Best Practices for Innovation-driven Industries

Learn top cybersecurity practices to safeguard intellectual property in innovation-driven industries. Stay secure with these essential tips.