Medibank breached as hacker claims to have stolen 200GB of data
Health insurer Medibank has been hit by a ransomware attack that has captured personal data including information about medical conditions and treatment. The company announced the incident on 13 October, and has advised customers to be “vigilant”.
Medibank initially claimed that no customer data had been accessed. But a few days later the company revealed that it had been contacted by a hacker who claimed to have stolen 200GB of data and sent 100 records as proof of the attack. As well as names, addresses, dates of birth and Medicare numbers, the leak is believed to include data about the treatments customers have received.
At the time of writing, more than 4 million records have been compromised, and Medibank has seen its market value plummet by $1.75 billion, while its shares sank by 18%.
In the aftermath of the attack – one of a wave to hit Australian companies in recent weeks – cybersecurity minister Clare O’Neil said that organisations were “under relentless cyberattack”. Medibank is contacting customers who may have been affected and is investigating the incident with government agencies. With medical records growing increasingly valuable, companies in the sector should look at solutions such as threat monitoring to reduce the risk of ransomware.
Teenager arrested and scams multiply as Optus fallout continues
In the aftermath of last month’s Optus hack, scammers are using stolen data to defraud the telecoms giant’s customers. One scammer, a 19-year-old Sydney man, has already been arrested.
The Optus hack exposed up to 10 million customers’ data, and the Australian Competition and Consumer Commission (ACCC) has revealed that hundreds of them have reported being approached by scammers. “Scammers are impersonating Optus in various scams,” said the ACCC. “Beware of emails warning of payment errors or threatening email account closures, and callers offering a reward due to the data breach.”
One scammer has already had his comeuppance: a man from Sydney, who is not believed to have been involved in the initial breach, has been charged by police after downloading stolen records and using them in an SMS scam. Meanwhile, some affected customers have been unable to use their passports as online identification. The incidents are a reminder that the aftermath of a breach can be hugely damaging – individuals affected should take particular care to practise good cyber hygiene, change passwords and watch out for suspicious messages.
The government’s recently announced budget also committed $12.6 million to combat scams and online fraud, with $9.9 million going towards a new National Anti-Scam Centre to be established by the ACCC.
Patient data leaked online after Pinnacle breach
Medibank isn’t the only health organisation to be hit this month: New Zealand’s Pinnacle Midlands Health Network suffered a breach and has now announced that data “related to past and present patients and customers” has been leaked.
Pinnacle took its systems offline when it detected the incident and is working with the Office of the Privacy Commissioner and the police. The group serves almost half a million patients, and CEO Justin Butcher said that medical data was affected. “This includes high-level data related to the use of hospital services, claiming information related to services that Pinnacle provides, and information sent to practices around immunisation and screening status of individual patients,” he said. Health New Zealand (Te Whatu Ora) has underlined that its system is separate to Pinnacle’s and has not been affected. Healthcare organisations are particularly vulnerable to cyberattack – training and a proactive mindset are essential.
Australian census website hit by a billion cyberattacks
The Australian census’s digital platform was “under constant attack”, suffering around a billion cyberattacks during 2021, according to the Australian Bureau of Statistics (ABS).
The 2021 census took place on 8 August 2021, with census systems online – and facing cyber threats – between 28 July 2021 and 1 October 2021. A spokesperson for the ABS said: “These were connections that were obviously malicious which we blocked, either automatically or manually. On census day alone we blocked 308,735 malicious connections, and on investigating these we blocked 130,000 IP addresses which were the source of this attack traffic.”
The previous census, in 2016, had to be taken offline for 40 hours after Distributed Denial of Service (DDoS) attacks that appeared to be overseas attempts to sabotage the count. Cyberattacks linked to foreign actors are a rapidly increasing threat, and one that can impact private organisations as well as government departments.
Wine company breached after testing platform hack
In a brutal month for cyberattacks in Australia, wine retailer Vinomofo has announced a breach by “an unauthorised third party”. The company says that personal data such as names, birth dates, addresses, and phone numbers may have been leaked.
In just over a decade, Vinomofo has grown from a start-up in an Adelaide garage to serve 500,000 customers. It’s unclear how many have been affected by this breach, which a spokesperson said had occurred “where an unauthorised third party unlawfully accessed our database on a testing platform that is not linked to our live Vinomofo website”. The company has said that passwords were not stolen, and that it does not hold information such as bank details or passport details.
Attacks on online retailers and their customers have boomed since the pandemic, with scams and brand exploitation the biggest threats. For CISOs working in retail, getting marketing on your side is an essential step in managing threats.
Telstra breach may have affected 30,000
Just two weeks after rival Optus suffered a major breach, Telstra has suffered what it describes as a “small data breach”. The breach exposed the data of current and former employees, with around 30,000 people believed to be affected.
The information, which was leaked from a partner organisation, dates back to 2017 and is limited to names and email addresses, which should mean it is of limited use to scammers. However, even small intrusions can be exploited by cybercriminals, who can use them together with information from social media or other sources to build more sophisticated Business Email Compromise (BEC) or ransomware attacks. Credentials are also sold in packages on the dark web, resulting in a legacy of risk for years to come. We’ve seen a number of organisations’ data hit by attacks on partners: working closely with your supply chain can help manage this risk.
EnergyAustralia becomes the latest victim of wave of cyberattacks
The electricity company said the breach exposed the data of hundreds of residential and small business customers.
The leaked data included customer names, addresses, email addresses, electricity and gas bills, phone numbers, and the first six and last three digits of their credit cards. The company said the leak resulted from unauthorised access to its online platform, My Account. EnergyAustralia said affected users had already been contacted, while regulatory authorities and government agencies have also been briefed.
Woolworths customers lose reward points in cyber hack
In a string of incidents, Woolworths customers are finding that their Everyday Rewards points have been stolen, prompting the retail giant to ask shoppers to check their balances.
The news comes after a man raised the alert on social media when he discovered $440 stolen from his Everyday Rewards account. “We have been assisting a small number of members who appear to have been the victim of unauthorised access to their Everyday Rewards accounts,” a Woolworths Everyday Rewards spokesperson has said. Woolworths has recently introduced extra security measures for Everyday Rewards customers, along with a one-time security code that is sent to members’ emails or mobile phones when they want to change their details.