Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  groups  login

Message-ID:  

Friends may come and go, but enemies accumulate. -- Thomas Jones

aus+uk / aus.computers / Re: Medibank AHM data breach

SubjectAuthor
* Medibank AHM data breachAmazed Again
+* Re: Medibank AHM data breachRod Speed
|`- Re: Medibank AHM data breachPetzl
+* Re: Medibank AHM data breachkeithr0
|`* Re: Medibank AHM data breachOzix
| `- Re: Medibank AHM data breachComputer Nerd Kev
`- Re: Medibank AHM data breachPeter Jason

1
Medibank AHM data breach

<tj8ds5$1kon$1@gioia.aioe.org>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=3216&group=aus.computers#3216

  copy link   Newsgroups: aus.computers
Path: i2pn2.org!i2pn.org!aioe.org!TVR4W8nzk3t3s/u5DvDjIg.user.46.165.242.75.POSTED!not-for-mail
From: bos...@unit.gov (Amazed Again)
Newsgroups: aus.computers
Subject: Medibank AHM data breach
Date: Tue, 25 Oct 2022 18:30:26 +0800
Organization: Aioe.org NNTP Server
Message-ID: <tj8ds5$1kon$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Info: gioia.aioe.org; logging-data="54039"; posting-host="TVR4W8nzk3t3s/u5DvDjIg.user.gioia.aioe.org"; mail-complaints-to="abuse@aioe.org";
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
Firefox/68.0 SeaMonkey/2.53.14
X-Mozilla-News-Host: snews://nntp.aioe.org:563
X-Notice: Filtered by postfilter v. 0.9.2
 by: Amazed Again - Tue, 25 Oct 2022 10:30 UTC

One news story claimed a high-level password was stolen, then sold on
the dark web. Then second mob of hackers got shitloads of data.
Now how did first hacker know the password was from a priveleged user?
Maybe it was an inside job; at least somebody told a hacker that Joe
Blogs is an admin in sudo group, see what you can get.

Re: Medibank AHM data breach

<op.1umffdc2byq249@pvr2.lan>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=3219&group=aus.computers#3219

  copy link   Newsgroups: aus.computers
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: rod.spee...@gmail.com (Rod Speed)
Newsgroups: aus.computers
Subject: Re: Medibank AHM data breach
Date: Wed, 26 Oct 2022 11:53:27 +1100
Lines: 11
Message-ID: <op.1umffdc2byq249@pvr2.lan>
References: <tj8ds5$1kon$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
X-Trace: individual.net Lt2/PpyNVjX8XbjIXBPD9AJNBwrNmYowRjXjm31MPzRsMh7MY=
Cancel-Lock: sha1:eZHaK0aEPzdOMNAquF0Du2pBH9Q=
User-Agent: Opera Mail/1.0 (Win32)
 by: Rod Speed - Wed, 26 Oct 2022 00:53 UTC

Amazed Again <boss@unit.gov> wrote

> One news story claimed a high-level password was stolen, then sold on
> the dark web. Then second mob of hackers got shitloads of data.

> Now how did first hacker know the password was from a priveleged user?

By trying it most likely.

> Maybe it was an inside job; at least somebody told a hacker that Joe
> Blogs is an admin in sudo group, see what you can get.

Re: Medibank AHM data breach

<9jjhlh98u4l829hcskhmqd2b310f83aqtp@4ax.com>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=3221&group=aus.computers#3221

  copy link   Newsgroups: aus.computers
Path: i2pn2.org!i2pn.org!aioe.org!news.uzoreto.com!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: pet...@gmail.com (Petzl)
Newsgroups: aus.computers
Subject: Re: Medibank AHM data breach
Date: Wed, 26 Oct 2022 17:09:20 +1100
Lines: 25
Message-ID: <9jjhlh98u4l829hcskhmqd2b310f83aqtp@4ax.com>
References: <tj8ds5$1kon$1@gioia.aioe.org> <op.1umffdc2byq249@pvr2.lan>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Trace: individual.net F2+j+C2844tRAAHAF7Dl8wkLXDjY9Fa2hmmjkcNXrO3KaAe6Nx
Cancel-Lock: sha1:UjoxLkPDlD6dOZ857T8cF2/5XHE=
User-Agent: ForteAgent/8.00.32.1272
 by: Petzl - Wed, 26 Oct 2022 06:09 UTC

On Wed, 26 Oct 2022 11:53:27 +1100, "Rod Speed"
<rod.speed.aaa@gmail.com> wrote:

>Amazed Again <boss@unit.gov> wrote
>
>> One news story claimed a high-level password was stolen, then sold on
>> the dark web. Then second mob of hackers got shitloads of data.
>
>> Now how did first hacker know the password was from a priveleged user?
>
>By trying it most likely.
>
More likely not using a VPN at McDonalds Wi-Fi
Ordog was the fat creepy guy with a laptop looking at him while
accessing hid Laptop.
>
>> Maybe it was an inside job; at least somebody told a hacker that Joe
>> Blogs is an admin in sudo group, see what you can get.
--
Petzl
Australian's continue to vote for and believe slogans?

"My first act as Prime Minister will be to raise the speed limit, lower the
fines, cancel the tolls. ban any future virus lock downs.
Thank you " Anthony Albanese

Re: Medibank AHM data breach

<jrs5aoFjlrhU1@mid.individual.net>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=3223&group=aus.computers#3223

  copy link   Newsgroups: aus.computers
Path: i2pn2.org!i2pn.org!usenet.goja.nl.eu.org!2.eu.feeder.erje.net!feeder.erje.net!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: use...@account.invalid (keithr0)
Newsgroups: aus.computers
Subject: Re: Medibank AHM data breach
Date: Wed, 26 Oct 2022 17:18:46 +1000
Lines: 13
Message-ID: <jrs5aoFjlrhU1@mid.individual.net>
References: <tj8ds5$1kon$1@gioia.aioe.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Trace: individual.net 01nQ5NQOJz9JsNCXc0VokAxKm/jZh2o7uYw0vS2aFee+orZWe1
Cancel-Lock: sha1:kgSYEC4rAB8x6USgroaJ0g9uUpY=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
Thunderbird/91.13.1
Content-Language: en-US
In-Reply-To: <tj8ds5$1kon$1@gioia.aioe.org>
 by: keithr0 - Wed, 26 Oct 2022 07:18 UTC

On 25/10/2022 8:30 pm, Amazed Again wrote:
> One news story claimed a high-level password was stolen, then sold on
> the dark web. Then second mob of hackers got shitloads of data.
> Now how did first hacker know the password was from a priveleged user?
> Maybe it was an inside job; at least somebody told a hacker that Joe
> Blogs is an admin in sudo group, see what you can get.

Why is this sort of data not held on a secure intranet only connected to
the Internet facing stuff by an interface only allowing record by record
access?

How do these organisations not notice the exfiltration of gigabytes of data?

Re: Medibank AHM data breach

<635905c0$1@news.ausics.net>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=3225&group=aus.computers#3225

  copy link   Newsgroups: aus.computers
Subject: Re: Medibank AHM data breach
Newsgroups: aus.computers
References: <tj8ds5$1kon$1@gioia.aioe.org> <jrs5aoFjlrhU1@mid.individual.net>
From: ozi...@xizo.am (Ozix)
Date: Wed, 26 Oct 2022 18:02:39 +0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
Firefox/68.0 SeaMonkey/2.53.14
MIME-Version: 1.0
In-Reply-To: <jrs5aoFjlrhU1@mid.individual.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
NNTP-Posting-Host: news.ausics.net
Message-ID: <635905c0$1@news.ausics.net>
Organization: Ausics - https://www.ausics.net
Lines: 7
X-Complaints: abuse@ausics.net
Path: i2pn2.org!i2pn.org!aioe.org!news.ausics.net!not-for-mail
 by: Ozix - Wed, 26 Oct 2022 10:02 UTC

keithr0 wrote:
>
> How do these organisations not notice the exfiltration of gigabytes of
> data?

The Shanghai police data breach was even worse. Hackers got details of
many millions, more than population of Australia.

Re: Medibank AHM data breach

<63590b5c@news.ausics.net>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=3226&group=aus.computers#3226

  copy link   Newsgroups: aus.computers
Message-ID: <63590b5c@news.ausics.net>
From: not...@telling.you.invalid (Computer Nerd Kev)
Subject: Re: Medibank AHM data breach
Newsgroups: aus.computers
References: <tj8ds5$1kon$1@gioia.aioe.org> <jrs5aoFjlrhU1@mid.individual.net> <635905c0$1@news.ausics.net>
User-Agent: tin/2.0.1-20111224 ("Achenvoir") (UNIX) (Linux/2.4.31 (i686))
NNTP-Posting-Host: news.ausics.net
Date: 26 Oct 2022 20:26:36 +1000
Organization: Ausics - https://www.ausics.net
Lines: 11
X-Complaints: abuse@ausics.net
Path: i2pn2.org!i2pn.org!news.bbs.nz!news.ausics.net!not-for-mail
 by: Computer Nerd Kev - Wed, 26 Oct 2022 10:26 UTC

Ozix <ozix@xizo.am> wrote:
>
> The Shanghai police data breach was even worse. Hackers got details of
> many millions, more than population of Australia.

Sounds like the phrase "getting shanghaied" might have a whole new
meaning. :)

--
__ __
#_ < |\| |< _#

Re: Medibank AHM data breach

<glajlhpjkfduqmllu81lml6me0f0o08stj@4ax.com>

  copy mid

https://www.novabbs.com/aus+uk/article-flat.php?id=3229&group=aus.computers#3229

  copy link   Newsgroups: aus.computers
Path: i2pn2.org!i2pn.org!eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: pj...@jostle.com (Peter Jason)
Newsgroups: aus.computers
Subject: Re: Medibank AHM data breach
Date: Thu, 27 Oct 2022 08:47:59 +1100
Organization: A noiseless patient Spider
Lines: 13
Message-ID: <glajlhpjkfduqmllu81lml6me0f0o08stj@4ax.com>
References: <tj8ds5$1kon$1@gioia.aioe.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Injection-Info: reader01.eternal-september.org; posting-host="70f1657b0cacc808c2f16a2b15c1dcce";
logging-data="2691428"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/8JZg1FhQeXOQ+4wyqlNRd"
User-Agent: ForteAgent/8.00.32.1272
Cancel-Lock: sha1:XEEnJXJADsayofT1vATAV3iW4C0=
 by: Peter Jason - Wed, 26 Oct 2022 21:47 UTC

On Tue, 25 Oct 2022 18:30:26 +0800, Amazed Again <boss@unit.gov>
wrote:

>One news story claimed a high-level password was stolen, then sold on
>the dark web. Then second mob of hackers got shitloads of data.
>Now how did first hacker know the password was from a priveleged user?

It's always an inside job, or at least that's where to look first.

>Maybe it was an inside job; at least somebody told a hacker that Joe
>Blogs is an admin in sudo group, see what you can get.

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor