Stolen Medibank customers’ credentials sold on Russian-language cybercrime forum

Stolen credentials of Medibank’s customers were sold on a Russian-language cybercrime forum, while other cybercrime groups established two backdoors on the company’s network. The investigation is still ongoing as the amount of stolen data is unclear.

The investigation of the Medibank hack shows that the credentials stolen by hackers were put on a Russian-language cybercrime forum as a credential broker. Customers’ credentials were sold, and other hacker groups ‘infiltrated the company’s network and established two backdoors, including one for redundancy in case it is identified’. Medibank has not yet revealed the amount of stolen data as it is still unclear whether multi-factor authentication was compromised or bypassed.