Content

Events
About

“We know who you are” says AFP to Medibank hackers

Olivia Powell | 11/14/2022

The hackers responsible for a cyber attack against Australian health insurer Medibank have been identified by the Australian Federal Police (AFP) as being associated with Russia.

The breach, which was initially identified on October 13, saw 200GB of data stolen, 9.7 million people affected and the private medical details for a significant number of people distributed on the dark web.

Commissioner of the AFP, Reese Kershaw, directly addressed the hackers, saying “we know who you are”. He also said that the AFP believed they had identified which gang was behind the cyber attack, but that they do not current plan to reveal this information.

The AFP identified the hackers while working with Interpol, who Russia will be accountable to. This confirms what has been potentially suspected about the data breach since messages from the hacker were posted on a dark web site backed by Russian ransomware gang REvil.

“Our intelligence points to a group of loosely affiliated cybercriminals who are likely responsible for past significant breaches in countries across the world,” Kershaw said.

“These cybercriminals are operating like a business, with affiliates and associates who are supporting the business.

“To the criminals – we know who you are and, moreover, the AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.”

The commissioner said that the AFP will be talking with Russian law enforcement about the people they had identified, although they did note that this does not necessarily mean all of those involved in the cyber attack are based in Russia.

Kershaw said the AFP is also “scouring the dark web” for any evidence of malicious actors using the leaked data for wrongdoing and that they would take “swift action” against anyone who attempts to “benefit, exploit or commit criminal offences using stolen Medibank customer data”.

Regarding the release of private data on the dark web, CEO of Medibank, David Koczkar, said: “I unreservedly apologize to our customers. The continued release of this stolen data on the dark web is disgraceful. Unfortunately, we expect the criminal to continue to release stolen customer data each day.

“These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care. It is obvious the criminal is enjoying the notoriety. Our single focus is the health and wellbeing and care of our customers.”

Koczkar continued: “We remain committed to fully and transparently communicating with customers and we will be contacting customers whose data has been released on the dark web.” 

Upcoming Events


15th Annual Automotive Cybersecurity Detroit 2025

March 11 - 13, 2025
The Henry Hotel, Dearborn, Michigan, US
Register Now | View Agenda | Learn More


Digital Identity Week

09 - 10 September, 2025
Sydney, Australia
Register Now | View Agenda | Learn More

MORE EVENTS