An Australian nonprofit children's charity warned about 80,000 donors of the compromise of their credit card and personal information resulting from a recent hacking incident. The Smith Family says the hacker failed to steal any charity funds but did manage to access donor data.
Who is attempting to extort Australian health insurer Medibank? Why did Medibank tell its attackers it wouldn't pay a ransom? Will this deter future cyber extortionists? Here are a few thoughts on the high cybercrime drama playing out.
Embattled Australian private health insurer Medibank says it won't pay hackers' extortion demand, saying it can't trust cybercriminals to delete personal data. A ransomware gang claiming affiliation with REvil is threatening to publish the data, which Medibank says affects 9.7 million individuals.
The latest edition of the ISMG Security Report discusses how Australian health insurer Medibank is deliberating on whether to pay a ransom to extortionists, analyzes the growing number of layoffs in the security vendor space, and shares a tribute to threat intelligence researcher Vitali Kremez.
Fallout from the hack of Australian health insurer Medibank continues to worsen as the company twice this week acknowledged a wider set of affected individuals. Hackers had access to the personal data of 4 million individuals and significant amounts of health claims data.
One of Australia's largest private testing laboratories announced a data breach affecting 223,000 Australians. Ransomware-as-a-service group Quantum took credit for the incident, posting an 86-gigabyte file in June. "There is no evidence of misuse of any of the information," says Medlab Pathology.
Is Australia's data breach wave a coincidence, bad luck or intentional targeting? Maybe all three. But the security weaknesses that have led to the incidents are not exotic. And the people behind these attacks are most likely workaday cybercriminals, not top-level nation-state attackers.
Australia's largest private health insurer has transformed over a week from being confident that it repelled a cyber incident to being apologetic after disclosing that hackers got away with up to 200 gigabytes of customer data. Australian Federal Police are investigating the incident at Medibank.
Australian health insurer Medibank says it received a ransomware demand from hackers asserting to have stolen data during a cybersecurity incident the company detected on Oct. 12. "Based on our ongoing forensic investigation we are treating the matter seriously at this time," the company says.
Personal data from MyDeal, a marketplace owned by Australia's Woolworths Group grocery chain, has appeared for sale on a data leak forum. It comes as wine retailer Vinomofo disclosed a breach and as the Optus telecommunications breach continues to fuel data security concerns in Australia.
Australian health insurer Medibank told investors it stopped a probable ransomware attack before the attack could steal data or maliciously encrypt its systems. Australia has been undergoing an apparent spate of data breaches that continues with a breach of email addresses at e-commerce site MyDeal.
Australian health insurer Medibank Group says it has found no evidence of data compromise following its Wednesday detection of unusual network activity. The company, which serves nearly 4 million Australians, restored access to its policy websites on Friday.
Two Australian regulatory agencies are investigating the telecommunications company behind the country's second-largest data breach, affecting approximately 10 million people. Optus could face millions of dollars in fines from probes into the firm's privacy and data retention practices.
Police arrested a teenager in his suburban Sydney home for allegedly attempting to extort AU$2,000 from victims of the Optus data breach. The unnamed 19-year-old allegedly threatened to conduct financial crimes using the information of 93 individuals unless he received a payout.
Australia's Optus telco is facing a $1 million extortion demand to prevent the release of up to 11.2 million sensitive customer records. The data appears to be legitimate. The attacker tells Information Security Media Group an unauthenticated API led to the breach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
