Stolen Medibank customers’ credentials sold on Russian-language cybercrime forum
Stolen credentials of Medibank’s customers were sold on a Russian-language cybercrime forum, while other cybercrime groups established two backdoors on the company’s network. The investigation is still ongoing as the amount of stolen data is unclear.
Investigation of the Medibank hack shows that the credentials stolen by hackers were put on a Russian-language cybercrime forum as a credential broker. Customers’ credentials were sold, and other hacker groups ‘infiltrated the company’s network and established two backdoors, including one for redundancy in case it is identified’. Medibank has not yet revealed the amount of stolen data as it is still unclear whether multi-factor authentication was comprised or bypassed.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.