Attack

“We know who you are” says AFP to Medibank hackers

The hackers responsible for a cyber attack against Australian health insurer Medibank have been identified by the Australian Federal Police (AFP) as being associated with Russia. The breach, which was initially identified on October 13, saw 200GB of data stolen, 9.7 million people affected and the private medical details for a significant number of people distributed on the dark web. Commissioner of the AFP, Reece Kershaw, directly addressed the hackers, saying “we know who you are”. He also said that the AFP believed they had identified which gang was behind the cyber attack, but that they do not currently plan…
IOTW: Everything we know about the Medibank data leak

The hacker responsible for a data breach of Australian health insurance provider Medibank, which affected 9.7 million people, has released private medical information on the dark web. The hacker posted a file labelled “abortions” to a site backed by Russian ransomware group REvil on November 10, 2022. It apparently contains information on procedures that policyholders have claimed on, including miscarriages, terminations and ectopic pregnancies. The hackers also released files containing customer data called "good-list" and "naughty-list" on November 9, 2022. The so-called “naughty-list” reportedly includes details on those who had sought medical treatment for HIV, drug addiction or alcohol…
Hacker releases stolen Medibank data on the dark web

The hacker who stole 200GB worth of customer data from Australian health insurance provider Medibank has released files containing some of the data on the dark web. The data leak comes after Medibank publicly refused to pay the hacker a ransom on November 7. This prompted the malicious actor to post a threat on November 8 on a dark web site backed by Russian ransomware group REvil. It stated that they would release the data in 24 hours. The data released so far includes names, addresses, dates of birth, phone numbers, email addresses, Medicare numbers, passport numbers and some health claims…
Hacker threatens to release data stolen from 9.7m Medibank customers

A threat to release 200GB worth of data stolen from Australian health insurance company Medibank has been posted to a site backed by Russian ransomware group REvil. The threat comes after Medibank made a public statement that it would not be paying the ransom demanded by the hacker. In the message, the supposed hacker quotes Confucius, implying Medibank is making a "mistake" by not paying the ransom. The malicious actor then said that they would release the data within the next 24 hours, and advised readers to "sell Medibank stock". #revil #ransomware has posted a warning to #medibank on their…
Dropbox suffers data breach following phishing attack

Cloud storage company Dropbox has suffered a data breach after its employees were targeted by a phishing attack. The attack, which took place on October 14, saw a malicious actor pose as code integration and delivery platform CircleCI in order to harvest login credentials and authentication codes from employees and gain access to Dropbox’s account on code repository site GitHub, as CircleCI login information can be used to access GitHub. Through the attack, the hacker gained access to some of the code Dropbox stores using the platform, including API keys used by its developers. Dropbox was alerted to the breach…
Hacker steals US$1mn worth of crypto and NFTs in 24 hours

A hacker known as Monkey Drainer has stolen US$1mn worth of Ethereum and NFTs in a hacking spree across just 24 hours. The hack was reported by Twitter user ZachXBT, who describes themselves as a “crypto sleuth” and a “rug pull survivor turned 2D detective”. A rug pull is a scam which sees malicious actors pose as a legitimate cryptocurrency project to attract investors, only to ‘pull out’ of the project before it is completed, leaving the investors with worthless cryptocurrency. 1/ Over the past 24 hrs ~700 ETH ($1m) has been stolen by the phishing scammer known as Monkey…
IOTW: Medibank confirms 200GB of customer data stolen

Medibank has confirmed that hackers have stolen customers’ personal data after gaining unauthorized access to its internal systems. In a statement released on October 20, Medibank explained that the hackers who had previously contacted them attempting to ransom customer data had released a sample of 100 customers’ details to them. Medibank said that it believed the data came from its “ahm and international student systems” and that it contained customers’ full names, addresses, dates of birth, Medicare numbers, policy numbers, phone numbers and some claims data. The claims data includes codes relating to their medical diagnoses and procedures as well…
Medibank is latest Australian company to suffer cyber security incident

Australian insurance company Medibank has made a public statement after being contacted by a malicious party claiming to have customer data and wanting a ransom for its deletion. The initial cyber security incident occurred on October 13, when Medibank detected some “unusual activity” on its internal systems. After dealing with the cyber-attack, Medibank said in a statement about the October 13 breach that there was “no evidence that customer data has been accessed” during the breach. Medibank was then contacted on October 17 by the malicious party, who aimed to “negotiate with the company regarding their alleged removal of customer…
MyDeal data breach impacts 2.2 million people

Australian online retail marketplace MyDeal has confirmed that it was the victim of a data breach that exposed the data of around 2.2 million customers. The retailer, which is a subsidiary of supermarket chain Woolworths, has confirmed that it will be contacting all those affected by the breach via email, as well as alerting the “relevant regulatory authorities and government agencies”. Woolworths said in a statement that the breach was caused by a malicious actor using “a compromised user credential” to gain unauthorized access to MyDeal’s Customer Relationship Management (CRM) system. Customer information exposed during the cyber-attack included names, dates…