Security News

U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach
2024-01-24 08:55

Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider...

US, UK, Australia sanction REvil hacker behind Medibank data breach
2024-01-23 13:40

The Australian, US, and UK governments have announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Medibank is a large health insurance provider in Australia that suffered a ransomware attack in October 2022, causing operational and business disruption.

Australia sanctions REvil hacker behind Medibank data breach
2024-01-23 13:40

The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. Following a lengthy investigation, the Australian authorities identified Ermakov as the person responsible for the Medibank hack and data theft.

REvil-hit Medibank to pull plug on IT, shore up defenses
2022-12-08 21:35

If safety regulations are written in blood, what are security policies written in? Sweat and cursing? Australian health insurance company Medibank will take all of its IT systems offline and close...

Medibank prognosis gets worse after more stolen data leaked
2022-12-02 23:10

Australian health insurer Medibank's prognosis following an October data breach keeps getting worse as criminals dumped another batch of stolen customer data on the dark web. Medibank said it's still analyzing the leaked data, which includes six "Sipped files in a folder called 'full' containing the raw data that we believed the criminal stole."

All of Medibank’s stolen data leaked, Australia increases maximum penalties for data breaches
2022-12-02 11:49

Australian health insurance provider Medibank has confirmed that another batch of the customer data stolen in the recent breach has been leaked. Medibank is making an effort to minimize the bad news, somewhat, by saying that much the data leaked is incomplete and hard to understand.

Hackers Leak Another Set of Medibank Customer Data on the Dark Web
2022-12-01 13:17

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said.

Hackers Leak Another Set of Medibank Customer Data on the Dark Web
2022-12-01 13:17

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said.

Medibank warns customers their data was leaked by ransomware gang
2022-11-09 16:43

Australian health insurance giant Medibank has warned customers that the ransomware group behind last month's breach has started to leak data stolen from its systems. The attackers, linked to the REvil cybercrime gang, have leaked a wide range of information so far, including Medibank customers' private and health data and, according to WhatsApp screenshots, negotiation chats with the health insurer's security operations team and CEO David Koczar.

Ransomware gang threatens to release stolen Medibank data
2022-11-07 17:50

A ransomware gang that some believe is a relaunch of REvil and others track as BlogXX has claimed responsibility for last month's ransomware attack against Australian health insurance provider Medibank Private Limited. While until now, the attack on Medibank hasn't yet been attributed to a specific ransomware group, the company did confirm that the malicious activity observed on its network matches ransomware activity.