Hackers Have Already Cost Medibank $26m

Uploaded on 2023-03-21 in TECHNOLOGY--Hackers, FREE TO VIEW, BUSINESS-Services-Health & Welfare, BUSINESS-Services-Financial

The biggest cyber attack in Australia’s history has sparked an exodus of customers from Medibank, the health insurer, and it says it has started to return to policyholder growth. Medibank has now revealed that it has suffered $26.2 million AUD (£14.7 million) in cyber crime-related costs following the hack of its systems in the second half of 2022.

Medibank said, “Given the nature of this crime, we now believe that all of the customer data accessed could have been stolen by the criminal.”

It expects its cyber crime losses to amount to $40-$45 million for the 2023 financial year. This involves additional investments in IT security, but excludes further customer and other remediation, regulatory, or litigation-related costs.

The attacker accessed its systems through a stolen username and password belonging to a third-party IT service provider, Medibank has said. This was used to access the company’s network through a misconfigured firewall which lacked an additional digital security certificate. Medibank chief executive David Koczkar says the embattled health insurer is prioritising contacting its most vulnerable customers after it ruled out paying a ransom, telling nearly 10 million Australians to prepare to see their information online or to receive a call from the hackers.

Four weeks after first telling government no customer data had been taken, Medibank was forced to admit 9.7 million Australians have had their data stolen, including people who could be in significant danger if their information is misused.

Recently the company said it has implemented greater security controls, including ensuring its firewall authentication is fully configured across its entire network. It has also improved its network security to help defend against the 18 million perimeter attacks it experiences every day.

Medibank was evidently considered a juicy target, having announced a gross profit of $233.3 million, an increase of almost 6% compared to the previous half-year. Over the past year, the company has gained around 35,000 customers, despite losing 13,000 clients following the attack in the second half of 2022. 

Medibank:      ITPro:     The Australian:    ABC:    AFR

You Might Also Read: 

Four Major Cyber Attacks In 2022: How To Not Repeat History In 2023:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Britain's New Security Agency To Counter Chinese Hacking 
AI Is Creating New Mobile Scamming Threats    »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Veridify Security

Veridify Security

Veridify Security (formerly SecureRF), develops and licenses quantum-resistant, public-key security tools for the low-resource processors powering the Internet of Things.

PFP Cybersecurity

PFP Cybersecurity

PFP provides a SaaS solution for life-cycle protection based on our IoT security platform and power usage analytics.

SISA

SISA

SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive and corrective cybersecurity solutions.

FedRAMP

FedRAMP

FedRAMP, is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

Post-Quantum

Post-Quantum

Post-Quantum offer a unique, patented quantum-resistant encryption algorithm that can be applied to existing products and networks.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

Naukrigulf

Naukrigulf

Naukrigulf.com is one of the fastest growing job sites in the Gulf, with thousands of registered job seekers and a robust CV database across many sectors, including cybersecurity.

At-Bay

At-Bay

At-Bay offer an end-to-end solution to cyber risk with comprehensive risk assessment, a tailored cyber insurance policy and year-long, active, risk-management service.

SecureAge Technology

SecureAge Technology

We’re a rapidly growing cybersecurity company with an 18-year history of ZERO Data breaches. Our security solutions place security and usability on equal footing. Learn more about our technology.

Cympire

Cympire

Cympire significantly increases an organisation’s Cyber Resilience through continuous Training and Assessment. Cyber Security Training Platform. Cloud-based and fully customizable Cyber Range.

The Citadel Department of Defense Cyber Institute (CDCI)

The Citadel Department of Defense Cyber Institute (CDCI)

CDCI is established to address the critical national security needed for a skilled cybersecurity workforce.

Lockheed Martin

Lockheed Martin

Lockheed Martin deliver full-spectrum cyber capabilities and cyber resilient systems to defense, intelligence community and global security customers.

Gorilla Technology Group

Gorilla Technology Group

Gorilla specializes in video analytics, OT network security and big data to support a wide range of solutions for commercial, industrial, cities and government purposes.

KTrust

KTrust

KTrust provides Continuous Threat Exposure Management for Kubernetes environments.

SGS Brightsight

SGS Brightsight

SGS Brightsight is the largest independent security evaluation lab in the world, with ten recognised labs worldwide.

Neptune Shield

Neptune Shield

Neptune Shield's mission is to deliver cutting edge Maritime focused Cyber Security & Threat Protection through our Hampton Roads based Tech & Cyber Security Hub.