Australia blames Russia for harboring health insurance hackers

The Australian Federal Police (AFP) has pointed to Russia as the location of the attackers who breached local health insurer Medibank, accessed almost ten million customer records, and in recent days dumped some customer data onto the dark web.

The release of customer data – some it containing intimate details of health services customers accessed using their insurance – came after Medibank refused to pay a ransom to secure the data on grounds that doing so would not guarantee customers' safety.

"We believe that those responsible for the breach are in Russia," AFP commissioner Reece Kershaw said in a statement issued on Friday afternoon, Australian time.

• Robin Banks crooks back at the table with fresh phish from Russia
• FBI: Russian hacktivists achieve only 'limited' DDoS success
• US Treasury thwarts DDoS attack from Russian Killnet group
• Upstart Ransom Cartel linked to REvil veterans

Kershaw added that the attack was conducted by "a group of loosely affiliated cyber criminals, who are likely responsible for past significant breaches in countries across the world."

That choice of words fits a description for notorious cyber gang REvil.

But Kershaw did not name any entity as responsible for the attack.

"We believe we know which individuals are responsible, but I will not be naming them," he said. "What I will say is that we will be holding talks with Russian law enforcement about these individuals."

If the attackers are in any way state-backed, that likely reflects Russian ire at Australia’s assistance for Ukraine – which has taken the form of donations of armed vehicles, humanitarian assistance, and training for Ukrainian forces. Russia has also been angered by Australia's role holding it accountable for the downing of Malaysian Airlines Flight 17 which carried 38 Australian residents and citizens when it was destroyed by a Russian missile.

Or perhaps Russian president Vladimir Putin's known liking for sowing chaos just found a new form of expression at Medibank.

Australian leaders have condemned Russia's role in the incident.

Ahead of Kershaw's announcement, prime minister Anthony Albanese said Russia "should also be held accountable for the … release of information, including the very private and personal information."

Minister for cyber security Claire O'Neill labelled the attackers "cyber thugs" whose actions were "sickening and morally reprehensible." ®