Inner Joined Data Breaches
Optus Breach and Medibank Breach: A Breach Made in Hell Problem: In the past few weeks there have been a whirlwind of data breach news from Optus and then Medibank . Anyone in Australia knows that these are two gigantic service providers in the country serving a huge portion of the population. Therefore the data stolen are horrendously massive, and when combined, extremely deadly. Let's have a look at Optus vs Medibank data stolen according to news: As we can see, either data from Optus breach or Medibank breach alone provides ONE PRIMARY ID which is sufficient for a hacker to: Register a new phone number Open Buy Now Pay Later account Open crypto account in Centralized Exchange etc (not going to list all of them for security reason) To make things even worse, if someone got their hands on both of them and join them together: Basically they will produce a complete identity of a person with TWO PRIMARY ID documents. With those documents, a hacker can: Access the victim bank ac