Medibank hack - 3.8 million Australians data was stolen from the country’s largest private health insurer by capturing/using the login credentials of a user with high-level system access.
Excelitte mitigates this type of hack by providing a 3-factor authentication process for users to log in and view any data as follows:
- A strong complex password is required to log in.
- Excelitte will request for the code that it generates and sends either by Email or by SMS to the user depending on the user’s preference.
- Excelitte will finally request for code generated by Okta authenticator app (which is like Google authenticator) and requires the user to have already installed the Okta app on their phone.
- All stored data is encrypted both at rest and in transmission.
Optus hack - the company discerned that a hacker had accessed the records of anywhere between 2.5 million and 9.7 million current and former customers. The API (Application Programming Interface) layer was likely compromised and based on reports the hacker captured the customer details payload from the API.
An API is essentially a software application feature that allows two different software Web or Mobile software applications share or exchange data seamlessly.
Excelitte mitigates this type of hack in the following manner.
- Excelitte exposes no data via an API currently.
- All data uploads from spreadsheets are encrypted end to end between the uploading computer and the Excelitte software application.
- All data held in Excelitte is encrypted both at rest and in transmission.
Latitude Financials hack - Millions of customer details stolen in one of the largest-known data breaches in Australia. The attack appeared to have originated from "a major vendor used by Latitude". This resulted in the attacker obtaining Latitude employee login credentials.
Excelitte also mitigates this type of hack by providing a 3-factor authentication process for users to log in and view any data as stated in the Medibank hack section above.
Finally, Excelitte was also put through an extensive Grey Box Penetration Test by a third-party penetration testing company in early 2023.
Sign up today to use Excelitte or contact us for more information.