Medibank hack warning from Australian cyber security expert

Medibank hack warning from Australian cyber security expert

The cyber attack on Medibank is worse than first thought, with health records and potentially credit card details exposed just a month after the Optus data breach.

While nearly four million Medibank customers could be affected if the hackers’ threat to sell the stolen data is carried out, a cyber security investigator said he is not surprised by the targeted cyber attack.

“Cyber ​​attacks are becoming the new normal,” said CEO of Australian cyber security firm Gridware Ahmed Khanji A current affair.

Medibank. (A current affair)

Related clips

READ MORE: John Farnham’s sons, Robert and James, reveal their father’s road to recovery after cancer surgery

Khanji has investigated and tracked cyber attacks around the world.

He said the world of crime has changed and digital crime is on the rise.

Healthcare giant Medibank is the latest company to be targeted, with cybercriminals claiming to have stolen 200GB of customer data.

Ahmed Khanji. (A current affair)

READ MORE: “The missing boy has been found”: Baby Vinh and his grandmother are reunited

“A threat actor has come out and contacted them … almost anyone can send a note to Medibank with all the information,” Khanji said.

“You just don’t know if something is fake or legit.”

The hackers claim that their proof of their legitimacy is a sample of 100 customer policies that they sent along with a ransom note.

A cyber security investigator said he is not surprised by the targeted cyber attack. (A current affair)

READ MORE: The Aussie couple claim super fees robbed them of a comfortable retirement

The criminals are threatening to sell confidential information, including sensitive health records and potentially credit card details, but it appears that these details have not been published anywhere yet.

See also  Women's changing duvet cover makes bed in seconds

Khanji said what makes this attack different from the Optus data breach is the type of information being stolen.

“Healthcare is one of the most targeted industries by cybercriminals,” he said

CEO of Australian cyber security firm Gridware Ahmed Khanji. (A current affair)

“Patient information is one of the most sensitive and private things available.

“They want to sell data that is valuable.”

The cybercriminals are also threatening to target 1,000 of Medibank’s most prominent customers, including actors and politicians.

Digital crime is on the rise. (A current affair)

“Many of these threat actors are looking for attention,” Khanji said.

“Making threats like ‘we’re going to kick out famous people’ is likely to cause a lot more anxiety about what data these threat actors actually have.”

“The more sensitive the data, the more likely they will be able to use it for crime.”

Senior Incident Response Analyst Vicki Sternares said they run their illegal transactions “like a business”.

Senior Incident Response Analyst Vicki Sternares. (A current affair)

Sternares monitors the dark web to gather intelligence. So far she has not seen any discussion about the Medibank data.

She said it is easy to buy personal data, including names, mobile numbers, addresses and emails.

The Federal Police have been called in to assist in the Medibank investigation.

Senior Incident Response Analyst Vicki Sternares spoke to A Current Affair reporter Dimity Clancey. (A current affair)

“The Australian Government is doing everything it can to stop irreparable damage from what is a completely dogged act,” Cyber ​​Security Minister Clare O’Neil said.

“This is a criminal suggesting that they are going to divulge personal health information about Australians to the public and that is simply unacceptable to us.”

Khanji said the damage could have already been done – as it was with Optus.

Cyber ​​Security Minister Clare O’Neil. (A current affair)

“The original 10,000 customers’ data is still available on the dark web,” he said.

See also  The "cruel" gang behind the Medibank hack issue a chilling message

“Threat actors can still use this for very malicious purposes.

“They don’t feel like there are consequences to their actions and they’re encouraged to do more of them, so you’ll find a lot of copycats out there looking for a quick buck.”

But he said the threat actors should take the publicity seriously, whether they are sophisticated criminals or a couple of kids.

CEO of Australian cyber security firm Gridware Ahmed Khanji spoke to A Current Affair reporter Dimity Clancey. (A current affair)

“Especially when the FBI and Interpol and other law enforcement agencies start getting involved, it becomes a very dangerous game to play,” Khanji said.

He said the problem shows that we all have a lot to learn.

“Organizations are waking up and understanding that they actually need to invest in good cybersecurity to avoid this problem when it first occurs,” Khanji said.

“It’s not a matter of ‘if you get cyber-attacked’ anymore, it’s ‘when you get cyber-attacked’.”

In pictures

Aussies are issuing warnings after falling victim to these scams

See Gallery

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *