In one look.
- Australia’s largest health insurance company is the target of a cyberattack.
- US university reveals ransomware attack.
- Improperly configured Azure Blob exposes Microsoft data.
- FBI warns of student debt relief scams.
Australia’s largest health insurance company is the target of a cyberattack.
Health insurer Medibank has become the latest victim of a recent wave of cyberattacks in Australia. A hacker claims to have stolen 200GB of data, offering the data of 100 customers as proof, and with 3.7 million customers in total, Medibank fears the number of people affected could increase. As ABC reports, when Medibank first became aware of the ransomware attack, it believed that no sensitive customer data had been accessed. A few days later, the company received a message from the suspected hackers, and soon Medibank confirmed that the attackers were in possession of data that appeared to have been stolen from their systems. Sample data includes customer names, mailing addresses, dates of birth, insurance claims information, and diagnosis and procedure details. The hacker claims to have also stolen credit card information, but this has not been verified. ABC adds that the attack has been referred to the Australian Federal Police and that Medibank is also working with the Australian Cybersecurity Agency and the Australian Signals Directorate. Cybersecurity Minister Clare O’Neil said: “If you think of a lot of cybercrime, it’s about financial or identity information, which is very problematic when it gets into the public domain. it being made public can cause immense harm to Australians and that is why we are so engaged with it.” O’Neil noted that the breach is just the latest of several attacks, including the breach massive data at telecommunications giant Optus which exposed data of up to 10 million customers. She added: “I think combined with Optus it’s a huge wake-up call for the country and certainly gives government a very clear mandate to do some things that, frankly, probably should have been done five years ago, but I think it’s still very critically important.”
US university reveals ransomware attack.
Whitworth University, a private liberal arts school in the US state of Washington, confirmed that a data breach in July was the result of a ransomware attack, reports Spokesman.com. Although Whitworth said the breach could have affected more than five thousand Washington state residents, it’s unclear how many students or out-of-state employees could have been affected. Threat actors potentially gained access to names, student ID numbers, state ID numbers, passport numbers, social security numbers, and health insurance information, but l The university says that the hackers fortunately did not have access to more sensitive information. Although Whitworth did not reveal the perpetrators, industry experts believe that the LockBit ransomware group may be behind the attack.
Improperly configured Azure Blob exposes Microsoft data.
Microsoft revealed yesterday that a misconfigured server exposed sensitive customer data, Bleeping Computer reports. The Azure Blob Storage server was discovered by security researchers from threat intelligence firm SOCRadar, and after learning of the leak, Microsoft secured the server on September 24. Microsoft and potential customers, such as planning or potential implementation and delivery of Microsoft services,” the company said on its website. They added that the breach was not caused by a vulnerability, but rather was the result of “unintentional misconfiguration on an endpoint that is not used in the Microsoft ecosystem.” Data exposed includes names, email addresses, email content, company names and phone numbers, and business records, and SOCRadar claims to have been able to link this sensitive information to more than 65,000 entities from 111 countries stored in files dated from 2017 to August. 2022. However, Microsoft says it believes SOCRadar “greatly overstated the scope of this issue” and “the numbers,” and also called out the research company for collecting the data and making it searchable on its data portal. BlueBleed data leak search.
FBI warns of student debt relief scams.
In August, the US government announced the Student Debt Relief Plan, and while that’s good news for those enduring college debt, the scammers have (of course) found a way to take advantage of the situation. . The US Federal Bureau of Investigation (FBI) released a public service announcement on Tuesday warning of scams targeting people seeking federal student loan forgiveness. Fraudsters posing as representatives of a bank or the Ministry of Education contact victims by phone, email, postal mail, SMS and other messaging platforms and inform them that they are entitled to tax relief. the debt. They then demand payment for bogus services (entry into the debt relief program does not require any payment) or simply harvest victims’ data for use in other operations. The FBI warning asks victims to submit a report to the FBI Internet Crime Complaint Center at www.IC3.gov.
Chris Clements, vice president of solutions architecture at cybersecurity firm Cerberus Sentinel, commented on the opportunities that student loan news can present to criminals:
“Cybercriminals and fraudsters are always looking for new opportunities to trick victims into inadvertently making payments or disclosing sensitive information, and high-profile financially motivated events like the Loan Forgiveness Program are a powerful trap. .
“In an era of widespread fraud and cybercrime, institutions such as businesses and government as well as consumers are responsible for combating scams. First and foremost, institutions need to be crystal clear in their messaging about how they will interact with consumers, both in specific ways that they can expect to receive communications such as by snail mail or not at all, but also in such a way as not to receive legitimate contacts. like a phone call or an email. The widespread campaign of fake phone scams by the IRS over the past few years could have been significantly mitigated by more deliberate messaging to publicize the now hopefully well-known fact that the IRS will never call individuals from public notoriety. There must also be a simple and obvious plan pre-thought for how consumers will interact with an institution, such as a simple website address like studentaid.gov in this case, ready to launch simultaneously with the launch of any program. or campaign. Any delay or complexity gives attackers a window and an opportunity to capitalize. Finally, consumers should be told exactly what type of information they are expected to provide or not. A government program like loan forgiveness may require a social security number for identity verification, but not payment information like a credit card number. At the same time, consumers should be aware of the frequency of online scams and that they are always ultimately responsible for their online safety. It’s a new skill of modern life to be able to filter out scams, whether they come from phishing, phone calls or text messages. It’s a sad reality that everyone has to accept that a healthy dose of skepticism and independent verification are now the norm.
KnowBe4 Security Awareness Advocate Erich Kron wrote to express some thoughts on federal programs and criminal opportunities:
“Federal programs, especially those that have a reasonable financial impact and have been promoted by the government for some time, can be a very attractive tool for bad actors. The federal government has already announced and promoted the program, making it more trustworthy by default. Having people recognize the name of the program and what it stands for can make it much easier for malicious actors to create imitation application websites where they will ask for sensitive information, without alarming potential victims.
“To protect against this, people should ensure that they only follow links from a .gov website, such as studentaid.gov, to the app. Rather than following links in e- mails, going directly to studentaid.gov, where the information is posted, is a much wiser choice.