Russian hackers carried out cyberattack on Medibank: Australia

In April, Australia's foreign intelligence agency warned that backing Ukraine could open the country up to reprisals from Russian hackers.

The hackers started leaking the data this week after Medibank, the country's largest health insurer, refused to pay a $9.7 million ransom.
AP Archive

The hackers started leaking the data this week after Medibank, the country's largest health insurer, refused to pay a $9.7 million ransom.

Russian hackers have carried out a cyberattack on a major Australian healthcare company that breached the data of 9.7 million people, including the country's prime minister, police have said.

The hackers started leaking the data this week after Medibank, the country's largest health insurer, refused to pay a $9.7 million ransom.

Australian Federal Police commissioner Reece Kershaw blamed the attack on Russia-based "cyber criminals".

"We believe those responsible for the breach are in Russia," he told reporters on Friday.

"Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches across the world."

The hackers have been drip-feeding the stolen data to a dark web forum.

The first leaks appeared to have been selected to cause maximum harm: targeting those who received treatment related to drug abuse, sexually transmitted infections, or pregnancy terminations.

Kershaw said the hackers also appeared to be supported by people living outside Russia.

"These cyber criminals are operating like a business with affiliates and associates who are supporting the business.

"We also believe that some affiliates may be in other countries."

He added that Australian police would be working with Interpol and seeking the cooperation of their counterparts in Russia.

"We'll be holding talks with Russian law enforcement about these individuals," he said.

"Russia benefits from the intelligence sharing and data shared through Interpol and with that comes responsibilities and accountability."

READ MORE: Hackers demand $10M to stop Australia health record leaks

Loading...

Retaliation threat

In April, Australia's foreign intelligence agency warned that backing Ukraine could open the country up to reprisals from Russian hackers.

"Russian-aligned cybercrime groups have threatened to conduct cyber operations in retaliation for perceived cyber offensives against the Russian government," the Australian Signals Directorate said in an advisory note.

"Some groups have also threatened to conduct cyber operations against countries and organisations providing materiel support to Ukraine."

Kershaw said police knew the identities of the hackers but he would not be naming them.

Cybersecurity analysts have suggested they could be linked to the Russian hacker group REvil.

REvil - an amalgam of ransomware and evil - was reportedly dismantled by Russian authorities earlier this year, after extracting an $11 million ransom from JBS Foods, a major food conglomerate.

READ MORE: US is neck-deep in the cyberwar with Russia

Route 6