Security News

Both telecommunications provider Optus and private health insurer Medibank suffered large-scale data breaches affecting tens of millions of Australians, leading to heightened regulatory and business focus on cyber security in the years since. More Australia coverage Australia's privacy regulator alleges serious Medibank cyber security failures.

A scathing report by Australia's Information Commissioner details how misconfigurations and missed alerts allowed a hacker to breach Medibank and steal data from over 9 million people. In October 2022, Australian health insurance provider Medibank disclosed that it had suffered a cyberattack that disrupted the company's operations.

The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank's IT contractor. According to a statement by the Australian Information Commissioner filed with the Federal Court of Australia, the credentials were stolen by way of infostealer malware, after that employee "Saved his Medibank username and password for a number of Medibank accounts to his personal internet browser profile on the work computer he used to provide IT services to Medibank", and then signed into his internet browser profile on his personal computer.

Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider...

The Australian, US, and UK governments have announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Medibank is a large health insurance provider in Australia that suffered a ransomware attack in October 2022, causing operational and business disruption.

The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Following a lengthy investigation, the Australian authorities identified Ermakov as the person responsible for the Medibank hack and data theft.

If safety regulations are written in blood, what are security policies written in? Sweat and cursing? Australian health insurance company Medibank will take all of its IT systems offline and close...

Australian health insurer Medibank's prognosis following an October data breach keeps getting worse as criminals dumped another batch of stolen customer data on the dark web. Medibank said it's still analyzing the leaked data, which includes six "Sipped files in a folder called 'full' containing the raw data that we believed the criminal stole."

Australian health insurance provider Medibank has confirmed that another batch of the customer data stolen in the recent breach has been leaked. Medibank is making an effort to minimize the bad news, somewhat, by saying that much the data leaked is incomplete and hard to understand.

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said.