Australia blames Russians for Medibank health insurance data theft


Moscow must be held to account for Russian cybercriminals accused of hacking Australia’s largest health insurer and dumping customers’ personal medical records on the dark web, Australian officials said Friday.

Australian Federal Police took the unusual step of attributing blame for the unsolved cybercrime that resulted in the personal data of 9.7 million current and former Medibank customers being stolen.

A group of “loosely affiliated cybercriminals” operating like a business in Russia were likely responsible for the Medibank attack as well as other significant security breaches around the world, Australian Federal Police Commissioner Reece Kershaw said.

“We believe we know which individuals are responsible, but I will not be naming them,” Kershaw told reporters. “What I will say is that we’ll be holding talks with Russian law enforcement about these individuals.”

Prime Minister Anthony Albanese, who is a Medibank customer who had personal data stolen, said he had authorized police to reveal where the attack had come from.

“We know where they’re coming from, we know who is responsible, and we say that they should be held to account,” Albanese said.

“The nation where these attacks are coming from should also be held accountable for the disgusting attacks, and the release of information including very private and personal information,” Albanese added.

An official from the Russian Embassy in Australia could not be immediately contacted for comment.

The extortionists have been linked to high-profile Russian cybercrime gang REvil, short for Ransomware Evil and also known as Sodinokibi.

The Russian Federal Security Service said in January REvil “ceased to exist” after several arrests were made at the insistence of the United States.

An old REvil dark web site had started redirecting traffic to a new site that hosts the stolen Medibank data.

Fergus Hanson, director of the Australian Strategic Policy Institute think tank’s cyber policy center, said he was not surprised that the crime gang was based in Russia.

A Medibank employee’s stolen username and password, which allowed the hackers to enter the company’s database, had been sold on a Russian dark web forum, Hanson said.

Hanson doubted that culprits operating in Russia would be brought to justice.

But Australia could use its offensive cyber capabilities against the gang in Russia and prosecute their affiliates, who police suspect are operating in other countries.

“There’s potential to conduct operations against the group to disrupt their operations, but in terms of seeing them go to prison or appear before a court, I think that’s pretty unlikely,” Hanson told Australian Broadcasting Corp.

Cybercriminals dumped personal medical records on the dark web for a third day on Friday, this time focusing on alcohol-related illnesses, as they pressure Medibank to pay a ransom.

The criminals began dumping customer records Wednesday, including those involving treatments for HIV and drug addiction, which they described as a “naughty” list, after Medibank ruled out paying a ransom for the return of the hacked data.

The focus shifted to terminated pregnancies in Thursday’s dump…


