At a glance.
- Medibank customer data published by REvil.
- School data leaked in the UK.
Medibank customer data published by REvil.
As we noted yesterday, a hacker allegedly behind the massive data breach at Medibank, Australia’s leading health insurer, threatened to release the stolen data on the dark web if his ransom demands were not met. As CRN Australia reports, this morning the threat actor followed through, publishing some of the data on a blog tied to the REvil ransomware group. “Medibank has today become aware that the criminal has released files on a dark web forum containing customer data that is believed to have been stolen from Medibank’s systems,” the company stated. Prime Minister Anthony Albanese, who has officials working with investigators on the hack, stated, "This is really tough for people. I'm a Medibank private customer as well, and it will be of concern that some of this information has been put out there.” (It has not been verified whether the PM’s data were compromised.) As the Sydney Morning Herald notes, Home Affairs and Cybersecurity Minister Clare O’Neil told parliament that the leak will likely worsen. “We are going through a difficult period now that may last for weeks, possibly months, not days and hours,” O’Neil said.
The Sydney Morning Herald offers advice for individuals concerned their data might have been exposed in the attack. Tips include looking out for communications from Medibank (who is reaching out to all impacted customers), securing any accounts linked to finances or containing personal details, replacing your Medibank ID or passport (if impacted), and staying on the alert for suspicious account activity or spam communications. This is good advice for everyone, whether involved in this breach or not, as a new study from Australian National University shows that one of every three Australian adults has been the victim of a data breach in the past year, VOA reports. In comparison, the researchers found that only 11.2% of Australians had been the victim of serious crimes such as burglary or assault in the last five years, demonstrating that cyberattacks have become one of the fastest growing types of crime in Australia.
School data leaked in the UK.
Parents at a UK school awoke Monday to the news that their children’s data had been leaked on the dark web, the Hereford Times reports. Administrators at the Hampton Dene Road School, located in the city of Hereford, disclosed in October that it had experienced a cyberattack, but at the time they said "there was no threat to the personal information of students and staff.” They were apparently mistaken, as it was discovered this week that students’ full names, addresses, unique pupil numbers, dates of birth, gender, ethnicity, and additional special educational needs info had been posted on an underground web forum. After the initial attack on October 9, hacking group Vice Society disabled the school’s servers and informed the school it had encrypted its electronic files. The IT manager shut down internet access to the school network for three days to investigate, and although police were informed of the attack, no action was taken as it was believed that no data had been compromised. It wasn’t until October 31 that the school received a Halloween surprise: a message from an "alleged third party company" informing them the school’s data had been posted on the dark web. The school’s headteacher stated, "As a school, this is a deeply concerning and distressing time for us in that personal and confidential information has been breached and published in this way.” The school has about one thousand students, but the headteacher noted it was difficult to determine exactly how much information had been exposed.