Medibank data breach explained

In 2022 the Australian medical insurance company Medibank had a data breach. A criminal group compromised their systems, and stole the sensitive medical data for over 9 million people. They then leaked some of this onto the dark web. In 2024 the Australian privacy regulator announced that they were planning to fine Medibank for having weak security. In a recent report, it showed the shocking disregard for security, and a fail to prevent and detect this breach. In this video I talk about what happened, and what we can learn from it. 00:00 Intro. 02:42 What happened? 07:03 What can we learn from this? Link to the Australian privacy regulator report/statement: https://www.oaic.gov.au/__data/assets/pdf_file/0025/221974/Australian-Information-Commissioner-v-Medibank-Private-Limited-concise-statement.pdf My video on EDR: https://www.youtube.com/watch?v=cZLhjRxyXnQ Infostealer 101 with @theintellab: https://www.youtube.com/watch?v=9JwLzTyMuYc #informationsecurity #cybersecurity #medibank