Russian hackers behind medical record theft: Australian police
Russian hackers were behind a cyberattack on a major Australian healthcare company that breached the data of 9.7 million people, including the country’s prime minister, police said Friday.
The hackers started leaking the data earlier this week after Medibank—the country’s largest health insurer—refused to pay a US$9.7 million (Aus$15 million) ransom.
Australian Federal Police commissioner Reece Kershaw blamed the attack on Russia-based “cyber criminals”.
“We believe those responsible for the breach are in Russia,” he told reporters.
“Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches across the world.”
The hackers have been drip-feeding the stolen data to a dark web forum, singling out hundreds of potentially compromising records related to drug addiction, alcohol abuse and sexually transmitted infections.
Kershaw said Australian police would be seeking the cooperation of their counterparts in Russia.
“We’ll be holding talks with Russian law enforcement about these individuals.”
Kershaw said police knew the identities of the hackers but he would not be naming them.
Cybersecurity analysts have suggested they could be linked to Russian hacker group REvil.
REvil—an amalgam of ransomware and evil—was reportedly dismantled by Russian authorities earlier this year, after extracting an $11 million ransom from JBS Foods.
Kershaw said Australian police were taking “covert measures” to bring the hackers to justice.
“To the criminals, you know we know who you are,” he said.
“The Australian Federal Police has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.”
Home Affairs minister Clare O’Neil on Thursday night said the “smartest and toughest” people in Australia were hunting down the hackers.
In a taunting reply posted to the dark web early Friday morning, the hackers said: “We always keep our word.”
“We should post this data, because nobody will believe us in the future.”