REGISTER

email 14 48

A report by Australia's Information Commissioner details how operational failures allowed hackers to breach Medibank, stealing data from 9 million people.

In October 2022, Medibank disclosed a cyberattack disrupting operations, confirming data theft impacting 9.7 million. Ransomware gang BlogXX leaked stolen data, linked to Russian national Aleksandr Gennadievich Ermakov. Medibank failed to protect data, with a contractor's compromised credentials leading to system access. Attackers exploited VPN and Microsoft Exchange vulnerabilities, stealing 520 GB data. Medibank's EDR flagged issues but wasn't acted on until October, revealing the breach. Multi-factor authentication (MFA) is crucial to defend against credential theft and breaches, especially for VPNs targeted by ransomware.

CyberBanner

MetricStream TPRM

CyberBanner

CyberBanner

CyberBanner

Log in Register

Please Login to download this file

Username *
Password *
Remember Me

CyberBanner

CyberBanner

CyberBanner

CyberBanner

Banner

CyberBanner

CyberBanner

CyberBanner

Banner

Go to top