New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


Medibank Provides An Update

After a cyberattack on the Australian insurance giant, Medibank, the company was left to determine the damage that was inflicted and how many of their clients were affected. It has now been determined and announced by Medibank that threat actors were able to access the entirety of Medibank’s client information along with health claims data. Additionally, some of this data was exfiltrated after it was initially thought by Medibank that the data was only accessed. This claim was debunked after the group responsible for the attack reached out to Medibank with samples of the data to extort them. Although the situation is unfortunate, Medibank should receive some credit for its transparency and investigation turnaround time. Medibank did not have cyber liability insurance and in total, the breach is likely going to cost the company around $35m, but this does not factor in other costs such as legal fees and compensation for affected customers.

Analyst Notes

Medibank plans to aid their customers moving forward by providing some resources free of charge, those include:

• Financial support for customers who are in a uniquely vulnerable position because of this crime.
• Free identity monitoring services for customers who have had their primary ID compromised
• Reimbursement of fees for re-issue of identity documents that have been fully compromised in this crime.
• Specialist identity protection advice and resources from IDCARE.
• Medibank’s mental health and wellbeing support line.

The Australian government has also responded to the recent uptick in Australian businesses being targeted by threat actors. A new Privacy Legislation Amendment Bill has been proposed that will have stricter penalties for businesses that are breached.