The Medibank data breach was a major cyber incident involving the theft of sensitive customer medical records. A ransomware group associated with the REvil gang leaked this data after Medibank refused to pay a ransom.

Key Details:

• The breach involved stolen data like customer names, birth dates, passport numbers, and medical claims.

• Hackers divided the victim data into “naughty” and “good” lists, with the former including highly sensitive information such as diagnoses related to drug addiction, alcohol abuse, and HIV.

• The personal data of Australian government officials, including Prime Minister Anthony Albanese, was also exposed.

• So far, the attackers have leaked data affecting about 200 customers, and there are indications that more sensitive information could be released.

Customer Impact:

Medibank and the Australian Federal Police advised customers to be vigilant for phishing scams and monitor their online accounts. Multi-factor authentication and password updates were strongly recommended to mitigate the risks of identity theft and fraud.

Support Measures:

Medibank launched a "cyber response support package" for affected customers, which includes identity protection advice, hardship support, mental health services, and personal duress alarms. The Australian Federal Police (AFP) is actively monitoring the dark web for any sales or distribution of the stolen data.

Next Steps:

Medibank is preparing for further potential data releases on the dark web and is advising customers to be cautious of phishing emails pretending to be from Medibank. Customers are urged to avoid clicking on any suspicious links and ensure that all communications are verified.

About Genesis:

Genesis is a cyber risk management platform that integrates attack surface and third-party risk management into a unified solution. It helps businesses monitor cybersecurity posture, discover data leaks, and mitigate risks, providing insights into potential vulnerabilities and attacks.