Who are REvil, the Russia-backed hacker group thought to be behind the Medibank data breach?

Condobloke



osprey

Interestingly, this "hack" doesn't appear to have been anything to do with the use of sophisticated hacking techniques or creative modification of code ... rather it seems the entry into the company's databases was through "compromised credentials of someone with high-level access", which appears to be a euphemism for getting a password. It's quite extraordinary to think how 10 million+ confidential datafiles depend on a single password. What happened to encryption?

The info is from: https://www.theguardian.com/austral...-the-health-insurer-fell-to-a-mass-data-theft
 

dos2unix

osprey wrote:
which appears to be a euphemism for getting a password. It's quite extraordinary to think how 10million+ confidential datafiles depend on a single password. What happened to encryption?

My guess is, you're right about the password :)

The only trouble with encryption is... if I have the right credentials, it's useless.
 

osprey

dos2unix wrote:
The only trouble with encryption is... if I have the right credentials, it's useless.
Yes, this is certainly the case. It may just be a matter of getting two passwords, or two credentials instead of one, but with slack practices by the credentialled operatives, not necessarily any more difficult.
 
Condobloke

Speaking of passwords....(and not wishing to drag this thread off topic)....but I find it of great interest that the majority of banks in Australia use a 6 digit long password...made up of the usual lower case/upper case/numerals...I think a few may use symbols..&^%#@ etc etc.....but still a limit of 6 total

I don't see any banks being hacked

I spoke to one of the security guys from Westpac Bank, and he informed me that they study behaviour analysis...(among other things on which he would not elaborate)

I guess it is difficult to introduce that type of analysis into the area of data storage.....but that is definitely an uneducated guess on my part.

Suffice it to say, that all companies being hacked in the fashion Medibank and Optus were....their "upper echelon" of managers/CEOs/directors etc etc etc....need a swift kick to the crotch.
 

BigBadBeef

As I've often remarked, the weakest link is always the human.

PEBKAC...
Or a turncoat. Got an offer he... "couldn't refuse".
 

Brickwizard


KGIII

BigBadBeef wrote:
Or a turncoat. Got an offer he... "couldn't refuse".

Unless I'm missing something, and I did sleep in today, that's still the weakest link being a human and the problem existing between keyboard and chair.

Also, the history of social engineering goes back a long ways. Even Frank Abagnale used social engineering for his merry jaunt around the globe. Amusingly, he owns his own security company today. Though, last I knew, folks had concluded that he was a bit prone to exaggeration and made some stuff up out of thin air.

Still, that's what I'd expect a social engineer to do. It worked well enough to make folks consider him an expert on document security.
 

osprey

The hackers appear to have released everything in the face of not receiving the ransom they asked for: https://www.abc.net.au/news/2022-12-01/medibank-data-leak-has-everything-been-released-now/101720028.

The writers of the article wrote:
In a statement this morning, Medibank said it was still analysing the information, but confirmed that the data released appeared to be data it believed the criminals had stolen. It said the release consisted of six zipped files but that much of the data is incomplete and hard to understand. It added that health claims data released today had not been joined with customer name and contact details. Medibank said the data stolen, by itself, should not be sufficient to enable identity and financial fraud against affected customers.
Nevertheless, the previously released data did include names connected with ailments and contact details, so whatever Medibank conjectures about the current release being "incomplete and hard to understand" may simply be seen as a challenge for hackers of the dark to make the connections. The uncertainty of the situation itself is enough to be considerably anxiety provoking for Medibank customers. I don't think it can be said that the saga has ended with this "final" release.
 
Condobloke

Agreed.

While there is a dollar on the table.....etc etc ...the perpetrators will not just fade into the ethers.

Rest assured, there will be more to come.
 