top of page

Australia sanctions hacker in Medibank data breach case

After a months-long investigation authorities in Australia have identified a Russian hacker believed to be behind the country's worst data theft.



The Australian government has imposed "unprecedented" sanctions against a Russian man accused of hacking and carrying out the country's biggest data breach at insurer Medibank.


The cyber attack was carried out in November 2022 and it involved the stealing of sensitive medical records belonging to around 10 million people, one of whom was Australian Prime Minister Anthony Albanese.


Australia's 'most devastating' cyber attack


Following the attack, private health information was leaked on the dark web after the insurer refused to pay a multi-million dollar ransom to the hackers.


The attacker first released some of the most potentially harmful information, including data on drug abuse, sexually transmitted infections and pregnancy terminations.


"Medibank in my view was the single most devastating cyber attack we have experienced as a nation," Home Affairs Minister Clare O'Neil said on Tuesday.


The case marks the first instance Australia has used its cyber sanctions since legislating it in 2021. 

"This is the first time an Australian government has identified a cyber criminal and imposed cyber sanctions of this kind and it won't be the last," O'Neil told reporters.


How is Australia sanctioning the Medibank hacker?


The Russian hacker was identified after an 18-month-long investigation and Australian authorities have taken the rare step of naming the suspect.


The 33-year-old Russian hacker, who has been accused of stealing the data from Medibank which is Australia's largest private health insurance company, will face strict travel bans and financial sanctions.


The sanctions mean that any provision of assets — including cryptocurrency wallets or ransomware payments — to the hacker could be punished with up to 10 years in prison.


Source: Dw

Comments


bottom of page