Medibank hack warning from Australian cyber security expert
The cyber attack on Medibank is worse than first thought, with health records and potentially credit card details exposed just a month after the Optus data breach.
While nearly four million Medibank customers could be affected if the hackers’ threat to sell the stolen data is carried out, a cyber security investigator said he is not surprised by the targeted cyber attack.
“Cyber attacks are becoming the new normal,” said CEO of Australian cyber security firm Gridware Ahmed Khanji A current affair.
READ MORE: John Farnham’s sons, Robert and James, reveal their father’s road to recovery after cancer surgery
Khanji has investigated and tracked cyber attacks around the world.
He said the world of crime has changed and digital crime is on the rise.
Healthcare giant Medibank is the latest company to be targeted, with cybercriminals claiming to have stolen 200GB of customer data.
READ MORE: “The missing boy has been found”: Baby Vinh and his grandmother are reunited
“A threat actor has come out and contacted them … almost anyone can send a note to Medibank with all the information,” Khanji said.
“You just don’t know if something is fake or legit.”
The hackers claim that their proof of their legitimacy is a sample of 100 customer policies that they sent along with a ransom note.
READ MORE: The Aussie couple claim super fees robbed them of a comfortable retirement
The criminals are threatening to sell confidential information, including sensitive health records and potentially credit card details, but it appears that these details have not been published anywhere yet.
Khanji said what makes this attack different from the Optus data breach is the type of information being stolen.
“Healthcare is one of the most targeted industries by cybercriminals,” he said
“Patient information is one of the most sensitive and private things available.
“They want to sell data that is valuable.”
The cybercriminals are also threatening to target 1,000 of Medibank’s most prominent customers, including actors and politicians.
“Many of these threat actors are looking for attention,” Khanji said.
“Making threats like ‘we’re going to kick out famous people’ is likely to cause a lot more anxiety about what data these threat actors actually have.”
“The more sensitive the data, the more likely they will be able to use it for crime.”
Senior Incident Response Analyst Vicki Sternares said they run their illegal transactions “like a business”.
Sternares monitors the dark web to gather intelligence. So far she has not seen any discussion about the Medibank data.
She said it is easy to buy personal data, including names, mobile numbers, addresses and emails.
The Federal Police have been called in to assist in the Medibank investigation.
“The Australian Government is doing everything it can to stop irreparable damage from what is a completely dogged act,” Cyber Security Minister Clare O’Neil said.
“This is a criminal suggesting that they are going to divulge personal health information about Australians to the public and that is simply unacceptable to us.”
Khanji said the damage could have already been done – as it was with Optus.
“The original 10,000 customers’ data is still available on the dark web,” he said.
“Threat actors can still use this for very malicious purposes.
“They don’t feel like there are consequences to their actions and they’re encouraged to do more of them, so you’ll find a lot of copycats out there looking for a quick buck.”
But he said the threat actors should take the publicity seriously, whether they are sophisticated criminals or a couple of kids.
“Especially when the FBI and Interpol and other law enforcement agencies start getting involved, it becomes a very dangerous game to play,” Khanji said.
He said the problem shows that we all have a lot to learn.
“Organizations are waking up and understanding that they actually need to invest in good cybersecurity to avoid this problem when it first occurs,” Khanji said.
“It’s not a matter of ‘if you get cyber-attacked’ anymore, it’s ‘when you get cyber-attacked’.”
Aussies are issuing warnings after falling victim to these scams