Security News

Medibank on Thursday confirmed that the threat actors behind the devastating cyber attack have posted another dump of data stolen from its systems on the dark web after its refusal to pay a ransom. "We are in the process of analyzing the data, but the data released appears to be the data we believed the criminal stole," the Australian health insurer said.

Australian health insurance giant Medibank has warned customers that the ransomware group behind last month's breach has started to leak data stolen from its systems. The attackers, linked to the REvil cybercrime gang, have leaked a wide range of information so far, including Medibank customers' private and health data and, according to WhatsApp screenshots, negotiation chats with the health insurer's security operations team and CEO David Koczar.

A ransomware gang that some believe is a relaunch of REvil and others track as BlogXX has claimed responsibility for last month's ransomware attack against Australian health insurance provider Medibank Private Limited. While until now, the attack on Medibank hasn't yet been attributed to a specific ransomware group, the company did confirm that the malicious activity observed on its network matches ransomware activity.

Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. "This figure represents around 5.1 million Medibank customers, around 2.8 million ahm customers, and around 1.8 million international customers," Medibank noted.

Australian health insurance provider Medibank has announced it won't be paying the ransom to the criminal(s) who stole data of 9.7 million of its current and former customers. "Based on the extensive advice we have received from cybercrime experts we believe there is only a limited chance paying a ransom would ensure the return of our customers' data and prevent it from being published. In fact, paying could have the opposite effect and encourage the criminal to directly extort our customers, and there is a strong chance that paying puts more people in harm's way by making Australia a bigger target," the company said.

Incoming OpenSSL critical fix: Organizations, users, get ready!The OpenSSL Project team has announced that, on November 1, 2022, they will release OpenSSL version 3.0.7, which will fix a critical vulnerability in the popular open-source cryptographic library. Apple fixes exploited iOS, iPadOS zero-dayFor the ninth time this year, Apple has released fixes for a zero-day vulnerability exploited by attackers to compromise iPhones.

Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack.In an update to its ongoing investigation into the incident, the firm said the attackers had access to "Significant amounts of health claims data" as well as personal data belonging to its ahm health insurance subsidiary and international students.

​Australian insurance firm Medibank has confirmed that hackers accessed all of its customers' personal data and a large amount of health claims data during a recent ransomware attack. [...]

All four million customers at risk of having records of medical treatments exposed Australian health insurer Medibank's data breach was today revealed to be even worse than first thought, with a...

Australian private health insurance provider Medibank has revealed that the hack and data breach it discovered over two weeks ago has affected more customers than initially thought. According to The Guardian, Medibank is working under the assumption that all its customers have been affected, including past ones.