Major Australian health insurance provider Medibank was reported by the Office of the Australian Information Commissioner to have committed significant security lapses that resulted in a cyberattack in October 2022 that compromised data belonging to 9.7 million individuals, reports BleepingComputer.
The far-reaching hack, which was tied to now-sanctioned Russian national Alexander Gennadievich Ermakov, has stemmed from the breach of a Medibank IT service desk operator's home computer that contained browser-stored Medibank credentials, which provided attackers elevated privileges and access to the firm's Microsoft Exchange server and its Palo Alto Networks Global Protect Virtual Private Network, according to the OAIC report. Medibank had not averted the breach of its VPN due to its failure to implement multi-factor authentication. "Medibank's Global Protect VPN was configured so that only a device certificate, or a username and password (such as the Medibank Credentials), was required," added the report, which added that the insurer also did not appropriately triage alerts from its endpoint detection and response system in late August.
Identity, Decentralized identity and verifiable credentials
Medibank hack attributed to cybersecurity failings
Share
An In-Depth Guide to Identity
Get essential knowledge and practical strategies to fortify your identity security.
Related Events
Related Terms
Access MatrixBasic AuthenticationBiometricsCertificate-Based AuthenticationChallenge-Handshake Authentication Protocol (CHAP)Digest AuthenticationDigital CertificateDiscretionary Access Control (DAC)Get daily email updates
SC Media's daily must-read of the most current and pressing daily news