It may be the final data dump, but Medibank fallout is far from over

For the criminals that stole millions of records from Medibank earlier this year, and who posted a huge and seemingly final file of it publicly this morning along with the note “case closed”, this awful saga appears to be all but over.

But for the victims, for Medibank, and for the rest of us, the trouble may have only just begun.

It will take a while for researchers to trawl through the six gigabytes or so of data newly posted to the dark web. But if it does turn out to be the full haul of stolen data, it means information related to around 10 million people — almost half of the Australian population — is available in one convenient location.

The Medibank hackers appear ready to move on.Credit:Ben Symons

This would be enough to attract the attention of scammers and criminal gangs from all over the world, who might see an easy way to expand their operations with a little effort put into crafting Australia-centric scams.

Our country is already rising through the ranks of the most targeted; cybersecurity company Bitdefender published its “threat debrief” for November this week, and noted that for the first time Australia was among the 10 countries most frequently hit by ransomware.

For context, previous drops of data from the Medibank hack have been somewhat organised, with the attackers appearing to prioritise potentially embarrassing or damaging information in an attempt to extort or harm the private health insurer. But this time it seems like a big pile of assorted raw data. Medibank has described it as “incomplete and hard to understand.”

But for criminals, piecing it together like a big jigsaw puzzle could be well worth their time.

At the most basic level, this data will likely be utilised to bolster existing tools and databases simply by ingesting the information. Having a huge amount of validated phone numbers and email addresses is useful for phishing and spam, meaning people whose data has just been published might expect an increase in automated calls or messages.

But with a bit more effort, the data can also be harnessed for trickier purposes. Assuming the information can be put together into legible sets — where for example an individual customer’s name, post code, phone number, email address and ID document details are all bundled together — it could be used for more personalised scams or fake messages that look a lot more legitimate.

Large criminal operations could combine this with all the data they already have, so if you’ve had personal information leak from two separate sources, those could be pooled together to make for a more complete profile. This makes it more likely scammers could trick you into opening malicious links, where they’re hoping you’ll also hand over the keys to your passwords, accounts or financial information.

Specific to the Medibank hack is the inclusion of claims data for around half a million people, which could be used to discern the details of medical procedures and treatments. In one sense, this is similar to any other information; criminals could leverage it to make more convincing scams by pretending to be a health care provider you’ve visited in the past. But there are also concerns it could be used for extortion or harassment in cases where the treatment was particularly sensitive.

Regardless of whether your details are included in the data, the fact that Medibank is in the news also means operators have been incorporating it into their regular scams. This could include fake emails claiming to be from Medibank or a credit checking agency, or extortion attempts claiming to have data on you.

Medibank CEO David Koczkar, unsurprisingly, said that the case was definitively not closed from the company’s point of view.

“We are doing everything we can to ensure our customers are supported. It’s important everyone stays vigilant to any suspicious activity online or over the phone,” he said.

“The Australian Federal Police have said law enforcement will take swift action against anyone attempting to benefit, exploit or commit criminal offences using stolen Medibank customer data.”

Get news and reviews on technology, gadgets and gaming in our Technology newsletter every Friday. Sign up here.

Most Viewed in Technology

From our partners

Source: Read Full Article