Who are REvil, the Russia-backed hacker group thought to be behind the Medibank data breach?

Condobloke



osprey

Interestingly, this "hack" doesn't appear to have been anything to do with the use of sophisticated hacking techniques or creative modification of code ... rather it seems the entry into the company's databases was through "compromised credentials of someone with high-level access", which appears to be a euphemism for getting a password. It's quite extraordinary to think how 10million+ confidential datafiles depend on a single password. What happened to encryption?

The info is from: https://www.theguardian.com/austral...-the-health-insurer-fell-to-a-mass-data-theft
 

dos2unix

which appears to be a euphemism for getting a password. It's quite extraordinary to think how 10million+ confidential datafiles depend on a single password. What happened to encryption?

My guess is, you're right about the password :)

The only trouble with encryption is... if I have the right credentials, it's useless.
 

osprey

dos2unix wrote:
The only trouble with encryption is... if I have the right credentials, it's useless.
Yes, this is certainly the case. It may just be a matter of getting two passwords, or two credentials instead of one, but with slack practices by the credentialled operatives, not necessarily any more difficult.
 
Condobloke

Speaking of passwords....(and not wishing to drag this thread off topic)....but I find it of great interest that the majority of banks in Australia use a 6 digit long password...made up of the usual lower case/upper case/numerals...I think a few may use symbols..&^%#@ etc etc.....but still a limit of 6 total

I don't see any banks being hacked

I spoke to one of the security guys from Westpac Bank, and he informed me that they study behaviour analysis...(among other things on which he would not elaborate)

I guess it is difficult to introduce that type of analysis into the area of data storage.....but that is definitely an uneducated guess on my part.

Suffice it to say that all companies being hacked in the fashion Medibank and Optus were....their "upper echelon" of managers/CEOs/directors etc etc etc....need a swift kick to the crotch.
 

BigBadBeef

As I've often remarked, the weakest link is always the human.

PEBKAC...
Or a turncoat. Got an offer he... "couldn't refuse".
 

Brickwizard


KGIII

Or a turncoat. Got an offer he... "couldn't refuse".

Unless I'm missing something, and I did sleep in today, that's still the weakest link being a human and the problem existing between keyboard and chair.

Also, the history of social engineering goes back a long ways. Even Frank Abagnale used social engineering for his merry jaunt around the globe. Amusingly, he owns his own security company today. Though, last I knew, folks had concluded that he was a bit prone to exaggeration and made some stuff up out of thin air.

Still, that's what I'd expect a social engineer to do. It worked well enough to make folks consider him an expert on document security.
 

osprey

The hackers appear to have released everything in the face of not receiving the ransom they asked for: https://www.abc.net.au/news/2022-12-01/medibank-data-leak-has-everything-been-released-now/101720028.

The writers of the article wrote:
In a statement this morning, Medibank said it was still analysing the information, but confirmed that the data released appeared to be data it believed the criminals had stolen. It said the release consisted of six zipped files but that much of the data is incomplete and hard to understand. It added that health claims data released today had not been joined with customer name and contact details. Medibank said the data stolen, by itself, should not be sufficient to enable identity and financial fraud against affected customers.
Nevertheless, the previously released data did include names connected with ailments and contact details, so whatever Medibank conjectures about the current release being "incomplete and hard to understand" may simply be seen as a challenge for hackers of the dark to make the connections. The uncertainty of the situation itself is enough to be considerably anxiety-provoking for Medibank customers. I don't think it can be said that the saga has ended with this "final" release.
 
Condobloke

Agreed.

While there is a dollar on the table.....etc etc ...the perpetrators will not just fade into the ethers.

Rest assured, there will be more to come.
 