"We believe that those responsible for the crime are in Russia," police spokesman Kershaw said. "Our information points to a loosely affiliated group of cybercriminals who are also likely behind other major attacks around the world." Apparently, this group works in a similar way to a commercial enterprise with "business partners" in other countries.
According to Medibank, the hackers began publishing sensitive data about their approximately 9.7 million insured persons on the dark web on Wednesday. They were particularly perfidious: in addition to the names, dates of birth, addresses and passport numbers of those affected, they also published information on their medical findings and therapies. In order to cause as much damage as possible, they initially selected policyholders who were being treated for drug and alcohol abuse, sexually transmitted diseases or abortions.
The hackers had previously tried to blackmail the insurance company with the stolen data. According to Medibank, however, it refused to pay the ransom of $9.7 million – one dollar per victim. Prime Minister Anthony Albanese is also affected by the data theft from Australia's largest private health insurer.
According to police spokesman Kershaw, investigators now want to turn on Interpol and contact the authorities in Russia. "We will hold talks with the Russian investigative authorities about these people," he said. At the same time, he emphasized that Russia benefits from the exchange of information with Interpol, but that this is not a one-way street. However, Australian cybersecurity expert Thomas Haines doubted the success of such collaborative efforts.
These, in turn, reacted scornfully to the warnings: "We always keep our word," they explained on the Darknet. "We have to publish the data, otherwise nobody will believe us in the future."
According to cyber security experts, the notorious Russian hacker group Revil, which has already been blamed for attacks on US IT company Kaseya, Brazilian meat company JBS and pop star Lady Gaga, could be behind the data theft.
However, according to expert Haines, Australia is partly responsible for the success of these attacks. Since the country, unlike the EU, does not have strict protection regulations, many companies hoard personal data even if they do not need it - and do so without paying much attention to protecting it. This makes them a "lucrative target" for foreign hackers.
"For a while there was this saying: data is the new oil," Haines told the AFP news agency. "If data is indeed the new oil, then we are living in a period of weekly oil spills."