Medibank breach: Russian hacker sanctioned for role in Australia’s biggest data theft


Australia, on Tuesday (Jan 23) sanctioned a Russian man named Aleksandr Ermakov for his role in the country’s worst data breach, which impacted nearly 10 million customers of insurer Medibank. Canberra announced first-of-its-kind sanctions which include a travel ban and financial penalties. 

About the sanctions

In late 2022, Medibank, Australia’s largest private health insurer, disclosed that a hacker had stolen the personal information of 9.7 million current and former customers, and released the data on the dark web. 

The files published online included sensitive information about millions of Australians, including abortion records and treatment received for mental health or addiction. 

WATCH | Australia sanctions Russian hacker for role in 2022 Medibank cyberattack

Australia has recently witnessed a spike in the number of cyber attacks, prompting the government to overhaul its cyber security rules last year and set up an agency to help coordinate responses.

This is the first time that Australia has imposed its cyber sanctions following a framework which was legislated in 2021. 

The sanctions against Ermakov, 33, also include financial sanctions and a travel ban, said Home Affairs Minister Clare O’Neil during a press briefing, describing the Medibank hack as “the single most devastating cyber-attack we have experienced as a nation”. 

“Literally millions of people having personal data about themselves, their family members, taken from them and cruelly placed online for others to see,” said O’Neil. 

She added, “These people are cowards and they’re scumbags. They hide behind technology and today, the Australian government is saying that when we put our minds to it, we’ll unveil who you are, and we’ll make sure you are accountable.” 

The sanctions imposed make it a criminal offence, punishable by up to 10 years in jail and fines, to provide Ermakov with any assets, including cryptocurrency wallets or ransomware payments.

O’Neil also said that officials are still investigating the data breach and many more may face penalties. While not much is known about Ermakov, Australian intelligence authorities say he is part of the infamous Russian cyber-crime gang REvil. 

‘Single most devastating cyber-attack’

A report by the Australian government, in November, showed that state-sponsored cyber groups and hackers had stepped up assaults on Australia’s critical infrastructure, businesses and homes. 

In the Medibank breach, hackers stole login details which granted them access to all of the insurers’ customer data which included athletes, prominent media figures and even Australian Prime Minister Anthony Albanese.

However, Medibank, with government support, refused to pay a multi-million dollar ransom after which the hackers published the data online. 

They first released files named “good-list” and “naughty-list” which included records of treatment for mental health, addiction, drug abuse and sexually transmitted infections. These files also contained people’s names, addresses, birthdates, and government ID numbers. 

The hacker group which is said to be behind this breach also released a file named “abortions.csv” which comprised information about some customers’ end-of-pregnancy procedures.

(With inputs from agencies)

 



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *