Posted on July 4, 2017 at 12:46 PM
Living in an age of the Internet has a lot of perks and benefits, but also many dangers of its own. Almost any information can be accessed by anyone who knows how to search for it. And right now, the Medicare details of entire Australia would cost only $30, if you know where to look.
Australian DHS (Department of Human Services) has had a data breach recently, which was confirmed by the Australian Federal Police. Soon after the breach, private Medicare data appeared on the darknet.
It is called Medicare Machine, and it offers private data of any Australian for only $30.50, which is around 0.0089 bitcoin. The hackers responsible claim that they are exploiting a vulnerability. And this is not only some data that you can get to by using Google. Everything that was posted here can only be accessed via darknet.
This is an online home to shady, and even openly illegal businesses, operations, deals, and sales. It needs special, dedicated browsers in order to access it, like Tor. Once you successfully access it, you will see that it offers all kinds of criminal activities. It offers drugs, illegally obtained data, and pretty much anything else – if you have the money.
Now, you might wonder, with all of that out there, how much harm can some Medicare files bring? Well, a lot. It might not be as valuable to anyone, but identity thieves would pay a lot more than $30 for this info. It brings them so many options, like accessing your personal records, scamming other services and operations by using your data, and alike.
It is amazing just how much damage someone can cause to us if they only have our name and several numbers.
AFP is currently conducting the investigation, as confirmed by Alan Tudge, the Minister for Human Services. He stated that he cannot comment on the cyber operations, but he also confirmed that the investigation is still ongoing. He appreciates how much is personal data worth, and how serious this breach is.
He did not comment on the risks for Australians, but he did say that, in his case, the stolen data is not enough for accessing any personal health record. It would seem that the only piece of information is a Medicare card number.
As for the DHS, they were asked if they knew about the breach, or what is the plan when it comes to addressing the issue. Also, what are they doing when it comes to increasing their security, none of these questions were answered. But, considering the size of the data, it is pretty clear that this incident won’t go away soon.