Recently, the 9 million users of the Australian telecoms company Optus found that their information had been compromised. Now cybercriminals have gone one step ahead and attacked another major Australian company: Medibank. With over 4.5 million customers, this is a huge blow to the second largest health insurance provider in Australia.
Following the data breach on Medibank, your private health information may have been exposed to malicious hackers.
The leak of personal data is only expected to accelerate in the near future as more databases become compromised. Affected parties are being contacted to be aware of possible phishing messages.
We know that a company was attacked and that, unfortunately, data leaked. Do you know your company’s cybersecurity policy?
Data Breach On Medibank
Early last month, hackers managed to infiltrate the Medibank security network and plant a ransomware on their infrastructure. Thankfully, our team was able to detect this and stop it from happening any further.
Nonetheless, the ransomware was successfully contained. However, despite this success, the hackers had already managed to steal customer information from three million people.
The ongoing investigation of Medibank’s data breach has yielded no solid information about how the cyber attack occurred. Yet, it is clear that whoever hired the “REvil” group faces enormous consequences.
Due to this hack, people’s sensitive data is potentially available on the dark web. We are sorry for the inconvenience and aim to do everything we can to help
Medibank User Compromised
After the ransom deadline passed, the hackers leaked all of the data they stole on a hidden part of the internet.
There’s nothing more important than keeping customer data secure. That’s why Medibank has teams dedicated to monitoring online security and working on new ways to protect customer information. This data includes personal information such as individual’s names, addresses, birthday dates etc.
We did not pay the ransom
According to Statista, 71% of companies worldwide have been targeted by ransomware in 2022. Approximately 72% of victimized companies have paid the ransom and recovered their personal information.
Cyberattacks such as ransomware not only target a company’s finances, but also heavily affect the way a company’s reputation is perceived. The attack on the Medibank company made this point clear by advising buyers to “sell their Medibank stocks.”
Many companies seem to be able to pay for the information and avoid public scrutiny, keeping the incident under wraps.
In the event of an attack, companies can use their enterprise AI assistant to defend against the threat in a cost-effective manner, avoiding the potential for negative media attention. This enables them to focus on the recovery process without worry about high reconstruction costs.
The ransom can be paid, but it is not advised as this is what fuels the criminal activity.
For Medibank, paying has not been an option: “The extensive advice we have received from cybercrime experts has made it clear that there is only a limited chance of getting our data back if we pay the hacker’s ransom demands.”
Even if Medibank cooperated with the hacking demands, there was no guarantee that the criminals would have met their end of the deal and not released the data regardless.
What’s next for the affected customers?
Medibanks looking into the incident and is working with the Australian Government, Cyber Security Centre and Federal Police.
It’s becoming apparent that there will be lots of data leaked in the days to come, so you should probably prepare for it. They are also notifying people who have been affected and letting them know what information was stolen.
Those who have had their data leaked on the dark web should be wary of phishing attempts, which are likely to come their way. It’s also recommended that passwords be strong and messages not opened.
Medibank is not exempt from legal action. A case is being prepared by two law firms.
