Embattled Australian private health insurer Medibank says it won't pay hackers' extortion demand, saying it can't trust cybercriminals to delete personal data. A ransomware gang claiming affiliation with REvil is threatening to publish the data, which Medibank says affects 9.7 million individuals.
A hack of an Australian legal aid group this week may have exposed the personal information of domestic violence, sexual assault victims and other vulnerable people around the nation’s capital. Legal Aid ACT says systems are disrupted and an investigation will find out if data was stolen.
A Japanese hospital in Osaka stopped offering anything but emergency care after hackers launched a Monday morning ransomware attack on the electronic medical records system. Hospital officials say the prospects of system recovery are not good.
The OpenSSL Project downgraded the urgency of a patch issued Tuesday after determining that the vulnerability is unlikely to be exploited in common situations. "It appears to be there would be an almost zero quantity of servers at risk," said a Sophos cybersecurity executive.
Customer engagement platform Twilio says the number of customers affected by a phishing campaign that coaxed employees of the San Francisco company into permitting attackers to bypass multifactor authentication protections will stand at a final tally of 209.
Fallout from the hack of Australian health insurer Medibank continues to worsen as the company twice this week acknowledged a wider set of affected individuals. Hackers had access to the personal data of 4 million individuals and significant amounts of health claims data.
One of Australia's largest private testing laboratories announced a data breach affecting 223,000 Australians. Ransomware-as-a-service group Quantum took credit for the incident, posting an 86-gigabyte file in June. "There is no evidence of misuse of any of the information," says Medlab Pathology.
Emennet Pasargad, the Iranian cyber threat actors behind an attempt to disrupt the U.S. presidential election in 2020, remains active, warns the FBI. The group conducts hack-and-leak operations and targeted a U.S. organization with a destructive attack within the last year.
Australia's largest private health insurer has transformed over a week from being confident that it repelled a cyber incident to being apologetic after disclosing that hackers got away with up to 200 gigabytes of customer data. Australian Federal Police are investigating the incident at Medibank.
Australian health insurer Medibank says it received a ransomware demand from hackers asserting to have stolen data during a cybersecurity incident the company detected on Oct. 12. "Based on our ongoing forensic investigation we are treating the matter seriously at this time," the company says.
Australian health insurer Medibank told investors it stopped a probable ransomware attack before the attack could steal data or maliciously encrypt its systems. Australia has been undergoing an apparent spate of data breaches that continues with a breach of email addresses at e-commerce site MyDeal.
Australian health insurer Medibank Group says it has found no evidence of data compromise following its Wednesday detection of unusual network activity. The company, which serves nearly 4 million Australians, restored access to its policy websites on Friday.
A ransomware gang published 52 gigabytes of data it says it stole from Consorci Sanitari Integral, a Barcelona health organization of 3,000 physicians and staff. CSI acknowledge a "compromise in data confidentiality" but says its systems are fully recovered thanks to cloud backups.
Two Australian regulatory agencies are investigating the telecommunications company behind the country's second-largest data breach, affecting approximately 10 million people. Optus could face millions of dollars in fines from probes into the firm's privacy and data retention practices.
Telecom giant Singtel is managing multiple data breaches just weeks after Australian subsidiary Optus reported a breach affecting 9.8 million individuals. One of the new breaches is also in Australia. The other stems from a 2021 zero-day vulnerability in file transfer application Accellion FTA.