In a worrying trend, details of Medibank Private Ltd (ASX:MPL)'s staff were amongst the data stolen in a cybersecurity attack perpetrated by Russian hackers on MOVEit, a popular file-transfer system, affecting hundreds of companies across the world, as reported by AFR
The breach occurred via a third-party firm Medibank employs for building management, leading to the theft of employee names, work email addresses and phone numbers.
Medibank confirmed that its systems were untouched and customer data remained safe, despite the breach.
Applied security patches
Responding to AFR’s queries, Medibank's spokeswoman said: "We were advised by the vendor Ipswitch about some vulnerabilities discovered in MOVEit, a software system we use to share information with external parties.
“We immediately applied all the vendor's recommended security patches
“We continue to investigate and work closely with the vendor and at this stage, we are not aware of any of our customers’ data being compromised.
“One of our property and facility management providers use MOVEit and unfortunately they have been impacted by the cyberattack.”
Bounty out for perpetrators
Cybercrime group Cl0p initially hacked into the MOVEit file-sharing service in late May, stealing data from a variety of organisations including US federal agencies, Shell (LON:RDSa) and BBC to name a few.
Just yesterday, the US State Department's Rewards for Justice (RFJ) program revealed a reward of up to $10 million for information connecting these Clop ransomware attacks.
Earlier in 2023, mining giant Rio Tinto (ASX:RIO) and Crown Resorts, a hospitality and entertainment group, were victims of a similar attack on the third-party data transfer tool, GoAnywhere.
The Medibank Saga
Last year, Medibank was victim to a data breach that affected 9.7 million current and former customers perpetrated by the pro-Russian REevil ransomware gang – which is currently spearheading a cyber war against Europe.
The most serious breach was for around 500,000 customers who have had private health information stolen, including health claims and personal information.
Following ransom demands from the hacker, the company revealed that no ransom will be paid as per advice from government authorities and security consultants.
In response to that, the hackers released leaked sensitive data which included information related to abortions and drug and alcohol abuse of its customers in multiple tranches, in a data dump that shook the nation.