[RISK] medibank.com.au Faces ATO Risks
Summary:Medibank, The largest health insurance company in Australia faces Account Takeover (ATO) risks, at least 3,400 members have been impacted.
Australia's largest health insurance company, Medibank, has announced that in response to the impact of the ransomware incident that occurred in 2022 (in December 2022, a 5GB copy of data was released on the dark web, claiming to be the entirety of stolen Medibank data which impacted 9.7 million users), it is expected to invest a total of AUD 126 million over the next three years to upgrade its IT systems.
Despite these efforts, according to detections by THUD TECHNOLOGY PTE. LTD.(darkweb.vc), Medibank still has login credentials for over 3,400 accounts that have been compromised.
We recommend notifying the website's members of the leaked login credentials through 'Dark Web Reports', urging them to promptly update their credentials. Regardless of whether 2FA is implemented, securing leaked accounts by locking them and resetting login credentials is a robust security measure. Additionally, it’s advisable to alert affected users to change their passwords immediately. DarkWeb.vc offers highly cost-effective intelligence on login credential leaks to enterprises.