What happens if Medibank hackers release the data
What could criminals do with this sort of data?
A lot of different kids of data are thought to have been stolen from Medibank. Identifying details such as names, birthdates, phone numbers and email addresses are useful for crafting phishing attacks, where victims are tricked into clicking on malicious links or handing over further details, or could just serve as a way to contact potential victims. Medicare numbers, passport numbers and visa details could be used in identity theft operations, where for example criminals apply for credit cards or loans posing as the victim. Health claims data was also accessed, including details of providers, medical diagnoses and procedures. This data could be used to impersonate health care professionals, or to directly blackmail victims in the case of particularly sensitive health issues.
Loading
How could victims protect themselves?
Details like Medicare and passport numbers can be changed, which would render the attackers’ data useless. Changing phone numbers and email addresses is more of a burden, and things like birthdates are obviously fixed, so the best protection there is vigilance in clicking on anything received via SMS or email, and making sure online accounts are secured with unique passwords and two-factor authentication. It’s important to note that once data like this is dumped online it tends to stick around for a long time. Customers are not only at short-term risk of receiving a higher number of phishing emails, but the data could be combined with other details long into the future to craft new attacks. The health data is the most problematic, as attackers could conceivably use it to extort or harass victims for years, as we’ve seen with previous sensitive data leaks such as the Ashley Maddison hack.
What is Medibank doing to help?
Medibank is contacting all customers whose data has been accessed with specific advice. It has opened a dedicated health and wellbeing phone line available for all customers, and is reaching out proactively to customers identified as being particularly vulnerable. The company has also set up an app that includes tools and links to support, is offering free credit monitoring services and reimbursements for the cost of ID replacements, and has a hardship support hotline for anyone financially impacted.
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.
What could criminals do with this sort of data?
A lot of different kids of data are thought to have been stolen from Medibank. Identifying details such as names, birthdates, phone numbers and email addresses are useful for crafting phishing attacks, where victims are tricked into clicking on malicious links or handing over further details, or could just serve as a way to contact potential victims. Medicare numbers, passport numbers and visa details could be used in identity theft operations, where for example criminals apply for credit cards or loans posing as the victim. Health claims data was also accessed, including details of providers, medical diagnoses and procedures. This data could be used to impersonate health care professionals, or to directly blackmail victims in the case of particularly sensitive health issues.
Loading
How could victims protect themselves?
Details like Medicare and passport numbers can be changed, which would render the attackers’ data useless. Changing phone numbers and email addresses is more of a burden, and things like birthdates are obviously fixed, so the best protection there is vigilance in clicking on anything received via SMS or email, and making sure online accounts are secured with unique passwords and two-factor authentication. It’s important to note that once data like this is dumped online it tends to stick around for a long time. Customers are not only at short-term risk of receiving a higher number of phishing emails, but the data could be combined with other details long into the future to craft new attacks. The health data is the most problematic, as attackers could conceivably use it to extort or harass victims for years, as we’ve seen with previous sensitive data leaks such as the Ashley Maddison hack.
What is Medibank doing to help?
Medibank is contacting all customers whose data has been accessed with specific advice. It has opened a dedicated health and wellbeing phone line available for all customers, and is reaching out proactively to customers identified as being particularly vulnerable. The company has also set up an app that includes tools and links to support, is offering free credit monitoring services and reimbursements for the cost of ID replacements, and has a hardship support hotline for anyone financially impacted.
The Business Briefing newsletter delivers major stories, exclusive coverage and expert opinion. Sign up to get it every weekday morning.
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.