Information Technology

Medibank’s systems are back online after they were shut down over the weekend for a security upgrade. The move was part of efforts to bolster its resilience following the October data breach that impacted 9.7 million customers. The Australian insurance group said its IT systems were taken offline for planned “maintenance” works that involved IT security advisors from Microsoft. The rollout had taken place at Medibank’s headquarters in Melbourne. “Given the complexity of the maintenance activities and the requirement to take our systems offline, this operation has been in the planning stages for several weeks,” the company said in a statement. All customer-facing platforms were tested and IT systems brought back online ahead of schedule on Saturday, operating with enhanced security features, it added. Customers regained access to Medibank’s website and apps, which went offline during the upgrade, but its retail outlets and call centres remained shut until Monday. The Australian company noted that no suspicious activities were detected inside its systems since the data breach was announced on October 12. It said it had implemented several measures to enhance its security since the incident, including two-factor authentication at its contact centres when customers call for support and additional detection and forensics features. It also expanded analytics capabilities through third-party specialists. Medibank said it still was analysing data released by cybercriminals on the dark web, noting that no additional files had been released since December 1 when hackers released six zipped folders containing compromised customer data. The folders reportedly contained all remaining data that was stolen in the breach, prior to which hackers involved in the theft had released the files in batches alongside demands for ransom. Medibank had said it would not pay any ransom.The October security breach affected 9.7 million current and former customers, including 1.8 million international customers, and leaked data such as names, dates of brith, phone numbers, and email addresses. Health claims data of some customers also were accessed, including locations where they had received medical services and codes linked to diagnoses and procedures administered. According to Medibank, there was no indication financial or banking details had been compromised and the stolen data alone was insufficient to facilitate identity or financial fraud. RELATED COVERAGE More

Current price: $60Original price: $100This is Ring’s most popular video doorbell: the 2020-release, battery-operated model. Featuring 1080p HD video, Alexa voice control, two-way talk, night vision, and advanced motion detection, this video doorbell is at the lowest price we’ve ever seen it before — even lower than during Amazon’s July and October Prime Day sales events.The built-in rechargeable battery makes for an easy installation, since there is no wiring involved, making it a perfect fit for anyone looking to upgrade their current doorbell setup. However, if you prefer a wired installation, this doorbell is also equipped for installation using your existing doorbell’s wiring. Also: What are the best home security systems and do they require Wi-Fi? More

Tom Werner/Getty Images I’ve been using Opera as my default browser for some time now. The main reason I do so is that Opera has perfected tab management.  More how-tos But like any browser, Opera can, over time, develop problems. Most often those problems lie within what’s saved in the cache. What is this “cache” […] More

June Wan/ZDNET Apple has unveiled plans to let users choose to encrypt their iCloud backups in a move that will thwart hackers – and also puts limits on law enforcement requests for user data.    The new feature Advanced Data Protection for iCloud will allow users to encrypt data on Apple’s servers and thus prevent […] More

Hacker hands typing on a laptop Image: Getty Google has filled in the blanks about a curious zero-day flaw that Microsoft addressed in its November Patch Tuesday.  The remote code execution flaw, tracked as CVE-2022-41128, was in one of its Windows JavaScript scripting languages, JScript9 — the JavaScript engine used in IE11. The bug affected […] More

Image: Getty Cyber criminals are losing millions of dollars to other cyber criminals after themselves falling victim to scams on dark web forums. And the way they’re publicly complaining about it could help uncover the secrets of the whole underground economy.   Online scammers and fraudsters cost consumers and businesses a billions every year, and […] More

iStockphoto/Getty Images Back in October, I wrote a piece about using encrypted email in Thunderbird. If you ever have to send sensitive information via email, you should be using encryption. If you’re not encrypting those missives, the information they contain can be read by a third party. More how-tos You don’t want that… especially when […] More

Image: Getty/Guido Mieth Android’s December security update fixes over 80 security vulnerabilities affecting smartphones – including four flaws classed as critical.  According to Google’s Android security bulletin for December 2022, the most severe vulnerability is one in Android’s System component which could allow attackers to remotely execute code over Bluetooth without the need for device […] More