Written By Staff Writer.
Queensland-based body corporate and community management firm SSKB is one of the latest businesses to confirm an unauthorised data breach in what is now becoming a common occurrence. On October 27, SSKB said a third party gained access to their IT network, downloaded data, then posted a ransom demand.
The SSKB incident follows the high-profile cyber-attack on health insurer Medibank Private in October that saw large amounts of personal and health claims data stolen. Late last week, Medibank Private CEO David Koczkar said that the ongoing investigations had found over four million past and present ahm and Medibank Private customers were impacted.
Also on October 27, pathology services provider Australian Clinical Labs Limited (ACL) told the Australian Stock Exchange (ASX) that a subsidiary business, Medlab Pathology, experienced a cyber-attack in February that resulted in customer credit card and Medicare details being stolen.
“The theft of highly valuable personal information, with the goal of extracting financial gain, is becoming more common in Australia,” said Phillip Ivanic, Synopsys APAC Head of Solutions Strategy. “Overseas criminal groups are attempting to exploit vulnerabilities in internet-facing systems to “on-sell”, for lack of a better word, personal data to other cyber criminals to exploit in future.”
“As soon as we became aware of the unauthorised access, we deactivated the systems involved and secured our IT environment,” says a statement from SSKB. ”We are working as swiftly as possible to determine what, if any, personal or sensitive information may be contained in the dataset that was downloaded.”
Using login details purchased from a Russian-language website, hackers breached Medibank Private’s IT networks and watched and waited. The severity of that attack is only now becoming clear. Late last week, it was confirmed the breach also included patient information relating to My Home Hospital, a joint venture between Calvary Health Care, Medibank Private, and the South Australian Government.
Koczkar has “unreservedly apologised” but also admitted that the combined forces of the health insurer, specialised cyber security firms, and Federal Government agencies were yet to ascertain the true extent of the cyber-attack.
“This is a malicious attack that has been committed by criminals with a view of causing maximum fear and damage,” he said.
While Medibank Private and SSKB promptly notified their customers about their recent cyber incidents, ACL waited over nine months to provide an ASX statement. Approximately 223,000 clients are affected after hackers accessed Medlab’s IT systems in February.
“Given the highly complex and unstructured nature of the data set being investigated, it has taken the forensic analysts and experts until now to determine the individuals and the nature of their information involved,” said the ASX filing. “To date, there is no evidence of misuse of any of the information or any demand made of Medlab or ACL.”
Referring to the Medibank Private attack, Ivanic said the theft of personal data for financial gain is becoming more common. In this case, the attackers used information previously discovered from other organised criminal groups and then employed continuous scanning techniques to watch and wait for new vulnerabilities to exploit.
“Although a relatively recent and high-profile phenomenon in Australia, these types of crimes have been going on globally for quite some time,” he said, stressing that Australian businesses need to be alert to hackers using continuous and automated tools to look for weaknesses in their IT networks.