The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started by the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank’s IT contractor. According to a statement by the Australian Information Commissioner (AIC) filed with the Federal Court of Australia, the credentials were stolen by way of infostealer malware, after that employee “saved his Medibank username and password for a number of Medibank accounts … More

The post Medibank breach: Security failures revealed (lack of MFA among them) appeared first on Help Net Security.