JP on Nostr: Admin creds provided almost unlimited access, no MFA. No MFA on the VPN either. And ...
Admin creds provided almost unlimited access, no MFA. No MFA on the VPN either. And endpoint protection triggered alerts but no one noticed them or did anything about them. Medibank didn't notice 520 GB of data leaving their systems until after the external incident response team was engaged and one of their analysts figured it out a few days later.
Published at 2024-06-17 05:23:30
Event JSON
{
  "id": "dac6fbc8b70cdb055fbec6e450ab9623f39bc70893a6c7536ef43b4fd150febc",
  "pubkey": "8e598e0ca897abac8f98026a6ed1e4eea69c9c78325bbea0c499297ff18004a5",
  "created_at": 1718601810,
  "kind": 1,
  "tags": [
    [
      "e",
      "3ad07428ff23976fba4821eb932789575b044114067dfcac5454055567150d13",
      "wss://relay.mostr.pub",
      "reply"
    ],
    [
      "proxy",
      "https://eigenmagic.net/users/daedalus/statuses/112630288266241841",
      "activitypub"
    ]
  ],
  "content": "Admin creds provided almost unlimited access, no MFA. No MFA on the VPN either. And endpoint protection triggered alerts but no one noticed them or did anything about them. Medibank didn't notice 520 GB of data leaving their systems until after the external incident response team was engaged and one of their analysts figured it out a few days later.",
  "sig": "5515acfe9f77ceec7520a128a5f3a9a0d6b2465431e1a0ab5fa121a2e787ac34ee7865f4db58deb8fc2c13097ed7f6c7c12b86df322b6958f06eb16d388ffa3a"
}