The first data stolen and released by Medibank appears to have been targeted to cause significant harm, targeting patients being treated for a sexually transmitted infection or drug addiction. RICK RYCROFT/AP
Australian police announced on Friday (November 11) that Russian hackers were behind the Medibank cyber attack. The major Australian insurance group admitted this week that hackers were able to access the personal information of 9.7 million former and current policyholders.
“We believe that those responsible for the leaks are in Russia,” Australian Federal Police Commissioner Reece Kershaw told reporters. “Our information reveals a loosely affiliated group of cybercriminals who are likely responsible for significant past breaches around the world,” he said, adding that Australian police would seek help from their Russian counterparts.
After posting a first “sample” of the stolen data on Wednesday, the hackers posted a second on Thursday on a dark web forum – which cannot be found with normal browsers.
The first data disclosed appear to have been selected to cause significant harm and target people being treated for drug addiction, a sexually transmitted infection or an abortion.
“We know who you are”
The hackers on Thursday demanded a ransom of 10 million US dollars (9.7 million euros). The insurer has so far refused to pay.
Mr Kershaw said he knew the names of the hackers but refused to reveal them. Cybersecurity analysts have suggested the attack had some characteristics linked to a Russian hacking group called REvil, which had previously targeted Brazilian meat giant JBS and pop star Lady Gaga, among others. The group was reportedly disbanded by Russian authorities earlier this year after they extorted a $11 million ransom from JBS.
Read Also REvil, Large Group Of Cybercriminals Dismantled At Request Of United States, Russia Announces
Mr Kershaw said Australian police were taking “covert steps” to bring the pirates to justice. “We know who you are,” he told the criminals. “The Australian Federal Police have in the past scored quite a few points when it came to bringing foreign criminals back to Australia to be brought to justice,” said the Australian Federal Police Commissioner.
Australian Home Secretary Clare O’Neil said on Thursday evening that the “smartest and toughest” people in the country were on the hunt for hackers. Ms. O’Neil called these hackers “filthy criminals”.
In the first leaked data, the victims were divided into two lists of “good guys” and “bad guys”. Several people on the “Villains” list have been linked to numerical codes that associate them with HIV infection or drug or alcohol addiction. For example, one file contained the mention “p_diag:F122”. “F122” is the code for “cannabis addiction” according to the International Classification of Diseases published by the World Health Organization (WHO).
This data also included names, passport numbers, dates of birth and addresses.
Also listen to Cyber Attacks: Battle rages between Russia and Ukraine