Medibank hack started with theft of company credentials, investigation suggests

View forming within Medibank that details were then sold on a Russian-language cybercrime forum

• Get our morning and afternoon news emails, free app or daily news podcast

The Medibank hack began with the theft of the credentials of someone who had high-level access within the organisation, which were then sold on a Russian-language cybercrime forum, according to a source close to the company investigation.

The Australian health insurer told its customers on 13 October it had taken two systems offline as a result of a cyber incident". It later reported it had been contacted by hackers over 200GB of customer data allegedly stolen from the Medibank systems.

Sign up for our free morning newsletter and afternoon email to get your daily news roundup