Australian cyber security expert’s Medibank hack warning
The cyber attack on Medibank is worse than first thought, with health records and potentially credit card details exposed just a month after the Optus data breach.
While almost four million Medibank customers could be impacted if the hackers’ threat to sell the stolen data is carried out, a cyber security investigator said he’s not surprised by the targeted cyber attack.
“Cyber attacks are becoming the new normal,” CEO of Australian cyber security firm Gridware Ahmed Khanji told A Current Affair.
READ MORE: John Farnham’s sons, Robert and James, reveal dad’s road to recovery after cancer surgery
Khanji has been investigating and tracking cyber attacks around the world.
He said the world of crime has changed and digital crime is on the rise.
Health giant Medibank is the latest company to be targeted and cyber criminals are claiming to have stolen 200GB of customer data.
READ MORE: ‘The missing boy has been found’: Baby Vinh and his grandmother reunite
“A threat actor has come out and made contact with them … almost anyone can send a note to Medibank with any information,” Khanji said.
“You simply don’t know whether something is bogus or legitimate.”
The hackers claim their proof that they’re legitimate is a sample of 100 customer policies which they sent with a ransom note.
READ MORE: Aussie couple claims super fees robbed them of a comfortable retirement
The criminals are threatening to sell confidential information including sensitive health records and potentially credit card details, but it appears those details have not been posted anywhere publicly yet.
Khanji said what makes this attack different to the Optus data breach is the type of information being stolen.
“Healthcare is one of the highest targeted industries by cybercriminals,” he said
“Patient information is some of the most sensitive and private information available.
“They want to sell data that is valuable.”
The cybercriminals are also threatening to target 1000 of Medibank’s most prominent customers, including actors and politicians.
“A lot of these threat actors are looking for attention,” Khanji said.
“Making threats like, ‘we’re going to be ousting famous people’ is likely to cause a lot more anxiety about what data these threat actors actually have.
“The more sensitive data is, the more likely they will be able to utilise it for crime.”
Senior Incident Response Analyst Vicki Sternares said they run their illegal transactions “like a business”.
Sternares monitors the dark web to gather intelligence. So far, she hasn’t seen any discussion about the Medibank data.
She said it’s easy to buy personal data including names, mobile numbers, addresses and emails.
Federal police have been called in to assist in the Medibank investigation.
“The Australian government is doing everything it can to stop irreparable harm from what is a complete dog act,” Cyber Security Minister Clare O’Neil said.
“That is a criminal that is suggesting that they are going to divulge personal health information of Australians to the public and that is simply unacceptable to us.”
Khanji said the damage could have already been done – like it was with Optus.
“The original 10,000 customers’ data is still available on the dark web,” he said.
“Threat actors can still utilise this for very malicious purposes.
“They don’t feel like there are consequences for their actions and they get encouraged to do more of these, so you’ll find many copycats out there looking for a quick buck.”
But he said the threat actors should be taking the publicity seriously, whether they are sophisticated criminals or a couple of kids.
“Especially when the FBI and Interpol and other law enforcement agencies start to get involved, it becomes a very dangerous game to play,” Khanji said.
He said the problem is proving we all have a lot to learn.
“Organisations are waking up and understanding that they actually need to invest in good cyber security to avoid this issue once they occur,” Khanji said.
“It is not a matter of ‘if you get cyber attacked’ anymore, it’s ‘when you get cyber attacked’.”
Aussies issue warnings after falling victim to these scams