A ransomware group posted sensitive Personal Data of the Customers of one of Australia’s largest health insurers, Medibank, on the dark web. This comes after Medibank said it would not pay the ransom demand, saying, “We believe there is only a limited chance paying a ransom would ensure the return of our customers’ data and prevent it from being published.”
The hack which was initially identified on Thu, 13-Oct-2022 saw 200GB of data stolen. Medibank says that the breached data belongs to 9.7 million customers, including 1.8 million customers outside the country. The files include health claims data for almost half a million people, including 20,000 overseas.
The hackers have been identified by the Australian Federal Police [AFP] as being associated with Russia. Commissioner of the Australian Federal Police [AFP], Reese Kershaw, addressed the hackers, stating “we know who you are”. He also mentioned that the AFP believed they had identified which gang was behind the cyber attack, but that they do not plan to reveal this information. It is assumed to have ties with Russia based REvil group of hackers.
The hackers gained access to personal data such as names, addresses, birthdates, Medicare numbers and hospital addresses along with sensitive personal data such as numerical diagnosis codes that appear to have customers’ history of drug addiction, alcohol abuse and HIV, according to Agence France-Presse. It’s also believed that the leaked data includes the details of high-profile Medibank customers, which may include senior Australian government lawmakers and politicians.
It is speculated that the hackers also plan to leak “keys for decrypting credit cards” despite Medibank’s statement that that no banking or credit card details were leaked. “Based on our investigation to date into this cybercrime we currently believe the criminal did not access credit card and banking details,” Medibank spokesperson Liz Green has stated.
Post the leak, which has exposed sensitive & confidential information that could be misused for financial fraud, Medibank and the Australian Federal Police [AFP] are requesting customers to be alert for phishing scams and unexpected online activity in their accounts. Medibank is also requesting users to ensure they are not re-using passwords and have Two Factor Authentication [2FA] enabled on their other accounts. Medibank has also launched a “cyber response support package” for affected customers.
Health care industries are often the target of cyber attacks, as seen in the case with the Medibank hack, because they have a lot of sensitive information that can be used for identity theft and other criminal purposes. Additionally, many health care Organisations are not prepared to deal with a cyberattack. Health care Organisations need to take steps to secure their systems in order to prevent cyberattacks from happening and causing damage to their company.
Neumetric’s HIPAA Compliance Service can help health care Organisations make sure they’re in compliance with the Health Insurance Portability and Accountability Act (HIPAA). We offer a variety of tools and services to help you achieve this goal, including vulnerability assessments and penetration tests.
Our Vulnerability Assessment Service is designed to make sure that your systems are secure by identifying any potential security risks or vulnerabilities. We’ll also provide recommendations on how you can fix these issues so that they don’t pose any risk to your company’s data or network security.
In addition to our vulnerability assessments, Neumetric can also conduct Penetration Tests for you. These tests allow us to simulate an attack on your system by a malicious third party in order to identify any weaknesses in your system’s defences. This ensures that we have identified all possible vulnerabilities before any real attacks occur on your network or computer systems. Through our HIPAA Compliance Service, we will help ensure that your Organisation is protected from cyberattacks so that you can focus on providing quality care for your patients!