and purchased on the dark web by an unconfirmed buyer who used them to gain access to Medibank’s internal system. This stolen data was placed into a zip file and extracted through two established backdoors.
Corporate Credential Theft: The Reason the Medibank Breach was Possible The Medibank data breach was made possible by the theft of internal credentials believed to belong to an individual with privileged system access.
All employee accounts, including privileged access accounts, should be protected with MFA -https://www.upguard.com/blog/mfa-multi-factor-authentication since it’s the hardest to bypass