Friday 11 November 2022 05:20 AM Medibank hack: Police say Russian hackers behind attack, call for help from ... trends now
The Federal Police confirmed a Russian hacking group are behind the Medibank cyberattack and called on Russia to take 'responsibility and accountability'.
AFP Commissioner Reece Kershaw said in a press conference on Friday a Russian group were behind the hack.
'We believe that those responsible for the breach are in Russia,' Mr Kershaw said.
'We believe we know, which individuals are responsible but I will not be naming them.
'What I will say is that we will be holding talks with Russian law enforcement about these individuals.'
AFP Commissioner Reece Kershaw (pictured) confirmed a Russian hacking group are behind the Medibank cyberattack and called on Russia to take 'responsibility and accountability'
He said the group of 'loosely affiliated cyber criminals' are also responsible for past 'significant' data breaches across the world.
The Federal Police confirmed direct contact had been made with Moscow over the perpetrators of the attack.
'We will be holding talks with Russian law enforcement about these individuals,' he said.
Mr Kershaw also noted Russia benefits from the intelligence-sharing through Interpol, and said 'with that comes responsibilities and accountability'.
Mr Kershaw wrapped up the press conference with a defiant statement to cybercriminals.
'To the criminals, we know who you are, and moreover, the AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system,' he said.
'To the media and social media, I know you will do the right thing and continue to assist us in protecting the community by not aiding these criminals by posting or publishing this sensitive information.
'This is a time for all Australians – the community, business and law enforcement – to stand together and refuse to give these criminals the notoriety they seek'.
Friday's press conference comes hours after Prime Minister Anthony Albanese said those behind the attack will be named at Sydney's Remembrance Day ceremony.
Mr Albanese said: 'I am disgusted by the perpetrators of this criminal act and I've certainly authorised the AFP Commissioner later today to disclose where these attacks are coming from.
'We know where they're coming from, we know who is responsible and we say that they should be held to account.
'The AFP commissioner will be saying more today. But the fact is the nation where these attacks are coming from should also be held accountable for the ... release of information, including the very private and personal information.
'I say to those people who are distressed by this disclosure: We stand with you at this time.
'I also ask all of the media - and indeed all Australians - to not incentivise this behaviour by not disclosing any of this information which has been put on the dark web. We need to stand with each other at a time like this.'
At a press conference in Sydney after a Remembrance Day ceremony (above), Mr Albanese confirmed the new information on the security hack that has seen Australians' sensitive information exposed online, confirming the AFP 'know who is responsible'
The hackers had demanded a ransom to stop them from releasing the data, but Medibank earlier this week said it would not pay it. Pictured is a stock image of a hacker
Pictured is important advice for people affected by the Medibank and AHM data hacks
Mr Albanese's revelation came as those behind the Medibank data theft dumped a fresh file about customers with alcohol and mental health problems - after the government warned the 'smartest and toughest' people in Australia are coming after them.
The ransomware group claimed they had released more sensitive details of customers' medical records on the dark web.
'Added one more file Boozy.csv ...,' they wrote in a blog update in the early hours of Friday.
The file, which appears to be related to mental health and alcohol issues, comes after a data dump on Thursday named 'abortions.csv'.
'You telling that is disgusting (woof-woof), that we publish some data,' they wrote on Friday in the blog seen by AAP.
'But we warned you. we always keep our word, if we wouldn't receive a ransom - we should post this data, because nobody will believe us in the future.'
The group said on Thursday it had demanded a ransom of $US1 for each of Medibank's 9.7 million affected customers, for a total of $US9.7 million (almost $15million).
Home Affairs Minister Clare O'Neil has said she will share the frustrations of Medibank customers over a lack of communication and transparency with the company with its chief executive David Koczkar.
'I have had that raised with me by Medibank customers, of which I am one, and I will talk to him about the need for better communication from the company and I think they will step up to the plate if I make that request,' she told the Today Show.
Ms O'Neil said a lot of work was being done behind the scenes to 'wrap our arms around victims' and ensure support was available to them.
Ms O'Neil also admitted the health insurer had 'failed' in protecting the confidential information of its customers and had therefore lost their trust.
The home affairs minister said corporate Australia had been in a 'slumber' when it came to cybersecurity threats and that it was time to wake up.
'Now, it's come as a huge shock and the only thing that is good about any of this is that surely it is beyond question that corporate Australia
