Australia accuses Russian-linked ransomware gang of breaching Medibank data

Brisbane, Australia

Cybercriminals with ties to Russia are behind a ransomware attack on one of Australia’s largest private health insurers that saw sensitive personal data posted on the dark web, the agency said on Friday. Australian Federal Police (AFP).

In a short press conference, AFP commissioner Reece Kershaw told reporters that investigators knew the identities of those responsible for the attack on health insurer Medibank, but he refused to give them any details. appoint.

“AFP is undertaking covert measures and working around the clock with our national agencies and international networks, including Interpol. This is important because we believe those responsible for the violation are in Russia,” he said. -he declares.

Medibank says the data stolen belongs to 9.7 million past and present customers – more than a third of Australia’s population – including around 20,000 international customers.

This week, the group began posting curated slices of customer data to the dark web, in files with titles such as good-list, naughty-list, abortions and boozy, which included those seeking help with their alcohol addiction.

Earlier on Friday, Australian Prime Minister Anthony Albanese said he was “disgusted” by the attacks and, without naming Russia, said the government of the country they came from should be held accountable.

“The country where these attacks originated should also be held accountable for the disgusting attacks and the release of information, including very private and personal information,” Albanese said.

Medibank first detected unusual activity in its network almost a month ago. On October 20, the company released a statement saying a “criminal” had stolen information from its health insurance system and international students, including names, addresses, phone numbers and some claim data. for procedures and diagnostics.

A ransom demand was made, but the company said after extensive consultation with cybercrime experts, it decided not to pay.

“We believe there is only a limited chance of paying a ransom to secure the return of our customers’ data and prevent it from being released,” Medibank said in a statement Monday.

In a statement on Friday, Medibank CEO David Koczkar said it was clear the criminal gang behind the breach “enjoyed notoriety” and was likely to release more information. each day.

“The relentless nature of this tactic used by the criminal is designed to cause distress and harm,” he said. “These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking treatment.”

cnn en2fr2en

Back to top button