Australian officials said Friday that Moscow must be responsible for the hacking of Australia’s largest health insurer and the dumping of customers’ medical records on the dark web.
The Australian Federal Police blamed the perpetrators for the crime that resulted in the personal data of 9.7 million current and former Medibank customers being stolen.
The Medibank attack, as well as other significant security breaches around the world, is likely to have been caused by a group of “loosely affiliated cybercriminals” operating like a business in Russia, according to the Australian Federal Police Commissioner.
I will not say which individuals are responsible, but I will say that we are holding talks with Russian law enforcement about these individuals.
The Prime Minister said that he had authorized the police to reveal where the attack had come from.
Albanese said: “We know where they are coming from, we know who is responsible, and we want them held to account.”
“The nation where these attacks are coming from should be held accountable for the disgusting attacks and the release of information,” he added.
An official from the Russian Embassy in Australia could not be reached for comment.
REvil, also known as Sodinokibi, is a high-profile Russian cybercrime gang that is linked to extortionists.
The Russian Federal Security Service said in January that REvil had ceased to exist after several arrests were made.
The old REvil dark website had started redirecting traffic to a new site.
The director of the Australian Strategic Policy Institute think tank said he was not surprised that the gang was based in Russia.
A Medibank employee’s password was sold on a Russian dark web forum, Hanson said.
The culprits operating in Russia would not be brought to justice.
Australia could use its offensive cyber capabilities against the gang in Russia and prosecute their affiliates in other countries.
Hanson told the Australian Broadcasting Corp it was unlikely that the group would go to jail.
Cybercriminals dumped personal medical records on the dark web on Friday, this time focusing on alcohol-related illnesses.
The criminals have a “naughty” list of customer records, including treatments for HIV and drug addiction.
The focus was on terminated pregnancies in Thursday’s dump and moved on Friday to conditions related to harmful levels of alcohol consumption, in a file the thieves labeled “boozy.”
The phone numbers and email addresses of many more customers have been made public, which could make them vulnerable to identity theft or fraud.
David Koczkar, the CEO of Medibank, said that his company was reaching out to exposed customers.
The daily dumps were designed to cause distress and harm and he expected them to continue.
There are real people behind this data, and the misuse of their data may discourage them from seeking medical care.
Medibank was blamed by the gang for their failure to pay the $9.7 million demand.
“But we warned you of that. We should post this data because nobody will believe us in the future if we don’t receive a ransom,” they said on Friday.
Australian government policy does not condone paying ransom to criminals.
Making small or large ransom payments feeds the cybercrime business model and puts other Australians at risk.
Australian authorities hope the data stays confined to the dark web and is not spread to a wider audience by social media or the news media.
The data shouldn’t be accessed by anyone.
It’s causing a lot of distress in the community and we need to provide a disincentive for this sort of criminal behavior.
The government acknowledges this and we are doing all we can to limit the impact of this and to provide support to people who are going through a difficult time.