date 2022-10-20
SYDNEY, Oct 20 (Reuters) - Australia's biggest health
insurer said on Thursday a criminal had apparently stolen
customers' medical information as part of a massive breach of
data, fuelling concern about a wave of high-profile cyber
attacks.
Medibank Private Ltd, which covers one-sixth of
Australians, said an unidentified person had shown the company
stolen personal information of 100 customers, including medical
diagnoses and procedures, as part of a theft of 200 gigabytes of
data, first disclosed by the company a week earlier.
The company did not say how many of its 4 million customers
were likely to have been affected but warned the number was
likely to rise. The Australian Federal Police said they had
opened an investigation into the breach, without commenting
further.
The disclosure adds a new layer of angst to a wave of
cyber attacks on Australia's biggest firms since No. 2 telco
Optus, owned by Singapore Telecommunications Ltd,
revealed a month ago that data of up to 10 million customers may
have been stolen.
Until now, most public commentary has focused on the
risk that hackers would use stolen data to access bank accounts.
The Sydney Morning Herald reported that it obtained a message
from a person claiming to be the Medibank hacker threatening to
publish medical records of high-profile individuals unless the
person were paid.
"What we have here is ... healthcare information and that
just on its own being made public can cause immense harm to
Australians and that's why we are so engaged with this,"
Cybersecurity Minister Clare O'Neil told the Australian
Broadcasting Corp.
BIG TARGET
Cybersecurity experts said it was unclear whether the
data breach disclosures were related, given the varied nature of
the attacks, but the publicity generated by the Optus attack may
have drawn attention in hacker networks.
"When you do have a highly visible breach like Optus in
Australia out there, hackers take notice of that and go 'maybe
I'll have a go down there and see what I can get away with,'"
said Jeremy Kirk, executive editor at Information Security Media
Group, a cybersecurity specialist publication.
Larger Optus rival Telstra Corp Ltd has
disclosed a small breach of employee data, while No. 1 grocery
chain Woolworths Group Ltd said an unidentified party
gained unauthorised access to the customer database of a bargain
website used by 2.2 million shoppers.
The high-profile data breaches show the importance of
multi-factor authentication - where a person uses a code sent to
a separate device to log in - at every level of a company's
network, said Sanjay Jha, chief scientist for the University of
New South Wales Institute for Cybersecurity.
"Maybe for end users they have done it, but for internal
servers they should have even more stringent control," Jha told
Reuters by phone.
"You need continuous authentication so that people don't
log in and leave it forever, and then attackers can compromise
your system," he added.
Dan Woods, a former FBI cyberterrorism investigator who
is now head of intelligence at cybersecurity firm F5, said
Australia had "undoubtedly experienced its worst few weeks from
a cybercrime perspective, but on the positive side it's been a
wake-up call the country may have needed".
(Reporting by Byron Kaye in Sydney; With additional reporting
by Tejaswi Marthi and Sameer Manekar in Bengaluru; Editing by
Gerry Doyle)