One of the major suppliers to the Australian insurance industry, Medibank, was the target of a cyberattack on November 11, 2022. Extremely private information about patients was made public during the disastrous occurrence.
On October 20, 2022, hackers launched their first attack against Medibank, successfully gaining access to the personal data of 9.7 million customers. The insurance company’s refusal to pay the ransom demanded to keep the data private started a series of events that resulted in a tragic situation. The information was published gradually; first, details about medical care, including the recuperation and mental health care, were publicly disclosed. Information regarding those who had sought and had abortions, as well as information about alcohol and drug addiction recovery, was subsequently made public. Names, addresses, dates of birth, phone numbers, and email addresses are a few examples of sensitive information that have been released. Although any data leak is terrible because it involves sensitive information, those who have experienced domestic or familial violence or reproductive coercion and abuse are especially at risk.
The attack appears to be related to a Russian cyber gang. Apparently, the information was published on a dark web forum associated with REVil, which Police Commissioner Reece Kershaw described as “a group of loosely affiliated cybercriminals who are likely responsible for past significant breaches in countries across the world.” Since Revil is a ransomware-as-a-service (RaaS) operation with a Russian base (also known as Sodinokibi), it can be rented similarly to how software developers rent SaaS. The Russian organization demanded a $10 million ransom. The amount of the ransom increased to $15 million.
For Australian residents and businesses in general, this attack has been devastating. Given that it is against Australian privacy regulations for individuals to seek out data released by the breach on their own, the harm might be even worse. Additionally, those who attempt to purchase stolen information would face a 10-year prison sentence.
However, this was not Australia’s only cyber-related accident this year. In September, extortion attempts were made against Optus, Australia’s second-largest telecommunications company, after a cyberattack resulted in the theft of the personal information of nearly 10 million subscribers. Users’ names, dates of birth, phone numbers, email addresses, and, for a subset of customers, addresses and ID document numbers like driver’s licenses or passport numbers, are among the data that may have been exposed. Many Australian individuals who were impacted by both breaches have come forward.
According to the commissioner of the federal police, his agency was “undertaking covert steps” and working with domestic and international networks, including Interpol, to identify the hackers who carried out the attack.
Author: Cecilia Benedetti
B.Cyber 
Leave a Reply