Medibank shares are soaring after its CEO declared its cyber troubles over, but experts say the company still has to show it has learned from its mistakes.
that the breach happened after a criminal stole the login credentials of someone with high-level systems access, and sold them to a separate hacker on a Russian language online forum.Last week Medibank’s chief executive David Kockzar said a Medibank username and password used by a third-party IT service provider was stolen and the hackers were then able to access its network through a misconfigured firewall, which did not require an additional digital security certificate.
“Given the high-risk data they hold for customers, it’s disappointing to see that a third-party IT service provider could remotely access their systems with only a username and password. This is not something you’d expect for a company the size of Medibank.“You would expect to see this with a small business using a third-party IT service provider.”
“Using a security certificate as a second factor is not what you’d expect for a company like Medibank.”Mr Lemon said a large amount of work needed to continue behind the scenes to improve cybersecurity standards at Medibank. Mr Kockzar said Medibank looked forward to participating in the review around the privacy law changes.
Mr Kockzar said this had involved bolstering existing monitoring, and added further protection and forensics capability across the Medibank system and network.“Additionally, we have ensured firewall authentication is fully configured across our whole network,” he said.
United Kingdom Latest News, United Kingdom Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Federal government to rewrite cyber laws after Optus, Medibank hacksAustralia's home affairs minister says the nation's cyber laws were 'bloody useless' during the Optus hack, as the federal government announces an overhaul of cyber policy.
Read more »
Albanese to host cyber security roundtable as data breach fears loomPrime Minister Anthony Albanese will host a cyber security roundtable in Sydney today in a bid to defend Australia against mass cyber attacks. The federal government’s appointment of a new coordinator for cyber security will seek to address key security concerns following the Optus and Medibank data breaches last year.
Read more »
‘Attacking the middle class’: CEO Amanda Rose on superannuation reformSmall Business Women Australia CEO Amanda Rose says the possible superannuation reforms are an attack on small businesses as “hard-working people” will be taxed more. “We’re attacking the middle class, which then will be forced to go down to living like the working class,” Ms Rose told Sky News Australia. “Increase age pension and don’t touch super.”
Read more »
ASIC sues Freedom Foods, ex-CEO and CFOASIC has brought civil proceedings against Rory Macleod and Campbell Nicholas for alleged disclosure failures, breaches of company director and officer duties, and false or misleading conduct.
Read more »
Missing Chinese CEO is being investigated by authorities, company saysMissing Chinese CEO Bao Fan is cooperating in an investigation by "certain authorities in the People&x27;s Republic of China," his company said in a statement.
Read more »
Nine is no longer ‘wholly reliant’ on advertising revenuesNine CEO Mike Sneesby says they are no longer a business that is “wholly reliant” on advertising revenues. “Subscription revenues from our publishing business from Stan sit on a different cycle to the ad cycle,” Mr Sneesby told Sky News Business Editor Ross Greenwood. “The benefit of diversified revenues both in advertising and subscription … gives us a very distinct advantage in a difficult economic time like we’re in now.”
Read more »