Medibank hack: Russian sanctioned over Australia's worst data breach – BBC.com

A Russian man has been named and sanctioned for his role in Australia's worst data breach.
The personal information of 9.7m Australians was stolen from the country's largest health insurer, Medibank, in late 2022.
Sensitive documents, including abortion records, were then posted online.
The cyber sanctions – the first of their kind in Australia – include financial penalties and a travel ban for Aleksandr Ermakov.
Little has been made public about Mr Ermakov, but Australian intelligence authorities say he is part of the infamous Russian cyber-crime gang REvil – which has been linked to attacks across Europe, the US and UK.
Announcing the measures on Tuesday, Home Affairs Minister Clare O'Neil described the Medibank hack as "the single most devastating cyber-attack we have experienced as a nation".
"Literally millions of people having personal data about themselves, their family members, taken from them and cruelly placed online for others to see," she said.
"These people are cowards and scumbags… we'll unveil who you are and we'll make sure you're accountable."
Authorities are still investigating the breach, Ms O'Neil added, and more people may face penalties.
It is the first time the government has used cyber sanctions legislation, passed in 2021, which applies financial punishments to people involved in significant online attacks.
Australia has faced a string of large data breaches in recent years, but few – if any – have rocked the country like the Medibank hack.
The cyber criminals had stolen login details which granted them access to all of Medibank's customer data – including the medical records of everyone from athletes and media figures to the Prime Minister Anthony Albanese.
They began posting the data online after the insurer – with the government's support – refused to pay a ransom.
They first released a set of files named "good-list" and "naughty-list" which contained, among other things, people's health claims data – including records of treatment for mental health or addiction – as well as names, addresses, birthdates, and government ID numbers. Soon after they posted: "added one more file abortions.csv…", about some customer's end of pregnancy procedures.
Medibank at the time apologised for what it called the "malicious weaponisation" of private information, with CEO David Koczkaro warning that the data release could stop people from seeking medical assistance.
Several class actions – which argue the firms should have better protected such sensitive data – have since been launched.
Police investigate the vandalism in Melbourne – which included graffiti saying "the colony will fall".
Regulator admits key security procedure on X account was suspended six months before it was hacked.
It hopes to help fill a shortfall in cyber security staff.
His legacy includes Australia's pandemic response, the Aukus security pact, and several controversies.
Scott Morrison was once considered a "miracle-worker", but his popularity plunged amid controversies.
Copyright 2024 BBC. All rights reserved.  The BBC is not responsible for the content of external sites. Read about our approach to external linking.
Beta Terms By using the Beta Site, you agree that such use is at your own risk and you know that the Beta Site may include known or unknown bugs or errors, that we have no obligation to make this Beta Site available with or without charge for any period of time, nor to make it available at all, and that nothing in these Beta Terms or your use of the Beta Site creates any employment relationship between you and us. The Beta Site is provided on an “as is” and “as available” basis and we make no warranty to you of any kind, express or implied.
In case of conflict between these Beta Terms and the BBC Terms of Use these Beta Terms shall prevail.

source

Related Posts

After 6 months and little explanation, Norton Healthcare patients, employees still feeling effects of cyber attack – WDRB

Spotty shower possible. Storms after midnight Updated: April 16, 2024 @ 12:31 pmNorton Healthcare, a company serving about 600,000 patients a year with nearly $5 billion in assets, continues to…

Read more

CA's top cybersecurity job has been vacant for almost 2 years – CalMatters

Technology Californians get hacked all the time. The state’s top cybersecurity job is vacant In summaryGov. Newsom has yet to appoint a commander who is tasked with informing businesses and…

Read more

13 Cyber Security Measures Your Small Business Must Take – Tech.co

Our content is funded in part by commercial partnerships, at no extra cost to you and without impact to our editorial impartiality. Click to Learn MoreCybersecurity has been important to…

Read more

AVG Antivirus Free review – Ghacks

AVG AntiVirus Free is a longstanding security program for Microsoft Windows that protects computer systems from viruses, trojans and other malicious code.One interesting fact about AVG is that it maintains…

Read more

Vlog Episode #247: Chris Long on Improving Technical SEO Skills & Playing Offense SEO – Search Engine Roundtable

In part one, we learned about Chris Long and his experience working with Bill Slawski. Then, in part two, we spoke about helping people with SEO on LinkedIn and using…

Read more

Information Security Vs. Cybersecurity: What's The Difference? – Forbes

Information Security Vs. Cybersecurity: What’s The Difference?  Forbessource

Read more

Leave a Reply

Your email address will not be published. Required fields are marked *