According to the police, a Russian network is behind the hacker attack on a large health insurance company in Australia.
A spokesman in Canberra said the findings pointed to a group of loosely affiliated cybercriminals who are also likely responsible for other attacks around the world.
The hackers had broken into Medibank’s database and stolen information about millions of customers. They tried to blackmail the company. However, this refused to pay.
The perpetrators then published sensitive data on the so-called dark web, including medical findings, dates of birth, telephone numbers and e-mail addresses. In the meantime, according to reports from the Australian news agency AAP, further data has been disclosed, for example from alcoholics and from women who had abortions.
Australia suspects Russian hackers
According to the police, a Russian network is behind the cyber attack on a large health insurance company in Australia. The hackers had stolen highly sensitive information about millions of customers and published it on the dark web.
Australian police have blamed Russian hackers for a cyberattack on a major Australian health insurer. “We believe that those responsible for the crime are in Russia,” said Reece Kershaw, a spokesman for the Australian National Police, in the capital Canberra. “Our findings point to a group of loosely affiliated cybercriminals who are also likely behind other massive security breaches in countries around the world.”
Police know the hackers’ identities but will not name them, Kershaw said. The Australian police now want to turn on Interpol and Russia. “We will hold talks with the Russian investigative authorities about these people,” Kershaw said. According to cybersecurity experts, the notorious Russian hacker group Revil, which has also been blamed for attacks on US IT company Kaseya, Brazilian meat company JBS and pop star Lady Gaga, could be behind the attack on Medibank.
Millions of Australians are likely to be affected by the hack, Kershaw said. Medibank is Australia’s largest private health insurer with around 9.7 million customers. “This cyberattack is an unacceptable attack on Australia and deserves a response commensurate with the malicious and far-reaching consequences this crime is causing.”
Sensitive medical data published on the dark web
A few weeks ago, the hackers penetrated the Medibank insurance company’s database and stole highly sensitive information about millions of customers. They tried to blackmail the company. However, in consultation with cyber crime experts, the latter refused to pay the ransom.
A few days ago, the perpetrators then published the first sensitive data from customers on the dark web – i.e. in the hidden part of the Internet. Among other things, the medical reports and treatments of the insured had fallen into the hands of the hackers, as well as their dates of birth, telephone numbers and e-mail addresses.
In the meantime, according to the Australian news agency AAP, further data has been disclosed, apparently from alcoholic people and women who had abortions.
Millions of dollars in ransom demand
“We warned you that we always keep our word when we don’t receive a ransom – we are releasing this data because otherwise nobody will believe us in the future,” the group wrote. Yesterday she announced that she had demanded a ransom of one US dollar for each of the 9.7 million affected Medibank customers – the equivalent of a total of 9.5 million euros.
Medibank had announced that the company would not pay a ransom because this in no way ensured that the data would not be published anyway. In addition, they did not want to encourage other criminals to commit similar acts, said Medibank boss David Koczkar.
Prime Minister Anthony Albanese said: “I am disgusted with the criminals behind this criminal act.” He was also affected by the data theft.
Second major hacker attack within a very short time
In September, a hacker attack on the telecommunications group Optus, Australia’s second largest mobile operator, became known. Personal data was stolen from around nine million Australians, almost a third of the population. The hacking of Australia’s second largest mobile operator was one of the largest cyberattacks in the country’s history.