After Ransomware Gang Releases Sensitive Medical Data, Australia Vows Consequences

Last week Australia’s bigest health insurer, Medibank, said that data on all 4 million of its customers was breached. Now the group behind that breach “have since released more sensitive details of customers’ medical records on the dark web, including data on abortions and alcohol issues,” reports Australia’s public broadcaster.

Their article points out that the release “follows Medibank’s refusal to pay a ransom for the data, with almost 500,000 health claims stolen, along with personal information.” But what’s really interesting is that article’s headine:

‘Hunt down the scumbags’: Australian government to ‘hack the hackers’ behind Medibank breachThe Australian government is going to “hunt down the scumbags” responsible for the Medibank hack that compromised the private information of nearly 10 million customers, cyber security minister Clare O’Neil said…. “Around 100 officers around these two organisations will be a part of this joint standing operation, and many of these officers will be physically co-located from the Australian Signals Directorate,” she said. Ms. O’Neil said the officers will “show up to work every day” with the “goal of bringing down these gangs and thugs”.

“This is the formalisation of a partnership — a standing body within the Australian government which will day in, day out, hunt down the scumbags who are responsible for these malicious crimes against innocent people,” she said. “The smartest and toughest people in our country are going to hack the hackers….”

Australian Federal Police Commissioner Reece Kershaw on Friday said officers were also working with Interpol to track down the criminals. “We know who you are,” he said. “The AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.”
One Australian think tank told the Associated Press that the breach was caused by a stolen username and password, sold on a Russian dark web forum. “In a tweet, Australian Prime Minister Anthony Albanese, whose own Medibank data was stolen, said the Australian Federal Police knows where the hackers are and are working to bring them to justice,” reports TechCrunch: The cybercriminals claimed that they initially sought $10 million in ransom from Medibank before reducing the sum to $9.7 million, or $1 per affected customer, the blog said. “Unfortunately, we expect the criminal to continue to release stolen customer data each day,” Medibank CEO David Koczkar said on Friday. “These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care.”
Thanks to long-time Slashdot reader schwit1 for sharing the story.