Cybersecurity concerns for Australia’s big business continue as health insurance giant Medibank suffered a data breach that saw 200GB of medical records stolen by a hacker and held for ransom.
The company initially misidentified the attack as involving ransomware, but it appears it was simply data exfiltration. The amount of the ransom remains unknown; the hacker leaked around 100 records containing an assortment of information that allegedly includes medical conditions and drug treatment records.
Contact and medical information stolen in Medibank health insurance hack
With some 3.7 million customers and a market share of around 27%, Medibank is Australia’s largest health insurance provider. The company had its trading halted by the Australian Securities Exchange on Wednesday the 19th after the hacker contacted the company privately, claimed to have 200GB of stolen data and provided a sample of around 100 customer policies to verify that the attack was legitimate.
Clients’ health insurance policies contain an assortment of personal contact information: full names, home addresses, dates of birth, and phone numbers, at a minimum. More distressing for Australians is the inclusion of national healthcare identification numbers, just weeks after major telecoms provider Optus was breached. The loss of national ID numbers in this attack caused delays in government agencies as many people lined up to have their numbers changed.
The worst part of Medibank’s violation is that, in some cases, medical records are part of health insurance policies. As part of the shakedown, the thief named around 1,000 high-profile or at-risk people whose medical records he claims to have, ranging from politicians and celebrities to LGBTQ activists and people with substance abuse issues.
Cybersecurity Minister Clare O’Neil initially mislabeled the Medibank breach as a ransomware attack; his office later clarified that the data was stolen without the deployment of any ransomware, which the health insurance giant corroborated. The attack did not disrupt the company’s day-to-day operations (aside from shutting down trading), but it’s still unclear how many customers had their contact details or medical records exposed.
Australians face massive exposure of telecommunications and medical records
There has been no official confirmation yet, but there are reports that Medibank medical records have been stolen from a budget provider called “ahm” (formerly Australian Health Management) which offers lower cost policies; the data may come from the division that manages health insurance policies for international students. International students are required by law to obtain a private policy when coming to study in Australia. Ahm reportedly has information on one million of the company’s health insurance customers in its system.
Medibank responded to the breach by adding staff to its customer support lines. The company said potentially affected customers should call 13 23 31 if they have a health insurance policy with Medibank or 13 42 46 if they have a policy with ahm. The company’s CEO, David Koczkar, also issued a formal apology for the breach.
Since the end of September, Australian companies have suffered a kind of sustained cybersiege. It is not clear if this is a coincidence or if interest in the country is increasing for some reason; At the end of September, the Australian Cybersecurity Center issued a warning about an Iranian state-backed hacker campaign targeting critical infrastructure, but there is currently no link between this campaign and the attacks on Optus and Medibank.
Optus and Medibank are two of the biggest companies to be hit in this recent crime spree, but they are far from the only recognizable companies that have been attacked and lost vast amounts of personal data. Since early October, major telecommunications company Telstra has also been affected and had information about tens of thousands of current and former employees stolen. Woolworths, a leading grocery chain in the country, also suffered a breach of its online shopping site MyDeal which exposed the contact details of up to 2.2 million customers. And online wine seller Vinomofo has also been hit for potentially half a million customer registrations.
The spate of crimes has prompted the Australian government to act to improve security, proposing new regulations that would force the country’s banks to act quickly when news of data breaches exposing personal information comes through. This is one of the main concerns for health insurance information that has been exposed; if leaked to the public, scammers will quickly try to use it for identity theft and account takeovers. The problem is only exacerbated by the presence of medical records, which could be used both to make scam attempts more convincing or to blackmail victims.
Neena Sharma, Senior Strategist at Clavister, sees a need for companies to go further even if government regulations do not specify security improvements: weeks ago. Highly sensitive personal information was accessed by hackers, raising concerns about adequate cyber protection. Businesses and industries that hold large amounts of sensitive consumer data, such as health insurers, transportation and banking, need to invest better in technology protection to prevent hackers from accessing personal information . Cloud security measures are imperative to ensure strong protection against cybercriminals. The cybersecurity industry is working towards a “passwordless” future, as passwords are easily guessed or cracked by cybercriminals. Solutions such as authenticator apps, multi-factor authentication or single sign-on can provide better protection against cyberattacks. Along with no passwords, organizations should also strive for a zero-trust security approach where users are continually verified when they attempt to access applications or resources. Cloud security solutions can also limit the impact and scope of potential data breaches. Beyond the individual level, organizations and public bodies must ensure that they deploy more robust and, importantly, flexible security measures in the future to mitigate these breaches and protect highly sensitive data.
#Australian #health #insurance #Medibank #data #held #ransom #200GB #medical #records #stolen #CPO #Magazine