Medibank has provided additional details about a cyber incident that occurred last week, stating that it detected precursor activity consistent with a ransomware attack.
CEO David Koczkar stated that no customer data was taken and that the insurer had since brought its customer-facing systems back online. It had taken some systems offline immediately after monitoring systems detected “unusual activity.”
“We have contained the ransomware threat but remain vigilant and will take the necessary steps in the future to protect our operations and customer data,” Koczkar said.
According to a brief timeline, Medibank discovered “unusual activity” on its servers on Wednesday last week, prompting its cyber security team to launch an incident response with the assistance of partners.
“Later that evening, we identified the unusual activity was focused on the IT infrastructure we use to support our ahm and international student customer policy management systems.”
Medibank decided to temporarily block and isolate access to the two systems and halt trading while the activity was investigated, according to Koczkar. The customer-facing systems “were restored on new IT infrastructure,” allowing bus
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: