Government identifies Medibank hacker who compromised over 9 million Australians
- Replies 8
In an era where data is the new gold, cybercriminals are the new-age pirates.
The Australian government has named the pirate for orchestrating a massive data breach that compromised the personal details of over 10 million Australians.
In October 2022, Medibank, one of Australia's leading health insurance providers, fell victim to a cyber attack that left 9.7 million customers' personal data exposed.
The compromised information included names, dates of birth, addresses, and phone numbers. Some of this data even found its way to the dark web, a notorious online marketplace for illegal activities.
The man behind this cyber onslaught?
Aleksandr Ermakov—a Russian national with a notorious reputation in the cybercrime world.
The Australian government, in a joint operation with the Australian Signals Directorate, the Australian Federal Police, and international partners, was able to link Ermakov to the Medibank hack.
The Australian government used its cyber-sanction powers for the first time, making it a criminal offence to provide assets, overhaul, or use or deal with Ermakov's assets, including through cryptocurrency wallets or ransomware payments.
Any breaches of these sanctions could lead to a prison sentence of up to 10 years.
Home Affairs Minister Clare O'Neil didn't mince words when addressing the issue. She labelled the cybercriminals as 'cowards and scumbags who hide behind technology'.
'This is a very important day for cyber security in our country,' she said.
'It has helped us understand the enormous cost is a problem...and showed us something about the calibre of people we are dealing with.’
Source: YouTube/7News Australia
The sanctions imposed on Ermakov are part of Australia's broader efforts to cripple these organisations.
Foreign Affairs Minister Penny Wong echoed this sentiment, stating that the sanctions send a clear message: 'There are costs and consequences for targeting Australia and targeting Australians.'
‘The sanctions are part of Australia's efforts to ensure that we uphold the international rules-based order,’ she added.
The Medibank hack is not an isolated incident.
In a previous story, Australia’s most popular brands were victims of the recent cyber attacks that left thousands of customers’ personal information compromised and fraudulent transactions carried out in their names.
The hackers are believed to have purchased stolen login details from overseas cybercriminals, allowing them to access customers' online accounts. Read more about it here.
According to the government, several Russian cyber gangs pose significant threats to Australians.
These groups are dynamic, often working in clusters, making it challenging to track and counter their activities.
One is a sophisticated hack allowing cybercriminals to access Google accounts without needing the user’s password. This hack isn’t only done by Russian cybercriminals but by those capable of infiltrating our digital lives.
Security researchers at CloudSEK found a dangerous form of malware that uses third-party cookies to gain unauthorised access to people’s private data. You can read more about this latest threat here.
The Medibank hack and similar incidents are a reminder that in the digital world, we're all potential targets. But by staying informed and taking proactive steps, we can protect ourselves from these cybercriminals.
Have you been affected by a data breach? What steps are you taking to protect your personal information? Share your thoughts and experiences in the comments below.
The Australian government has named the pirate for orchestrating a massive data breach that compromised the personal details of over 10 million Australians.
In October 2022, Medibank, one of Australia's leading health insurance providers, fell victim to a cyber attack that left 9.7 million customers' personal data exposed.
The compromised information included names, dates of birth, addresses, and phone numbers. Some of this data even found its way to the dark web, a notorious online marketplace for illegal activities.
The Australian government identified the cybercriminal responsible for the Medibank hacking incident. Credit: 7News Australia / Youtube & Department of Foreign Affairs and Trade
The man behind this cyber onslaught?
Aleksandr Ermakov—a Russian national with a notorious reputation in the cybercrime world.
The Australian government, in a joint operation with the Australian Signals Directorate, the Australian Federal Police, and international partners, was able to link Ermakov to the Medibank hack.
The Australian government used its cyber-sanction powers for the first time, making it a criminal offence to provide assets, overhaul, or use or deal with Ermakov's assets, including through cryptocurrency wallets or ransomware payments.
Any breaches of these sanctions could lead to a prison sentence of up to 10 years.
Home Affairs Minister Clare O'Neil didn't mince words when addressing the issue. She labelled the cybercriminals as 'cowards and scumbags who hide behind technology'.
'This is a very important day for cyber security in our country,' she said.
'It has helped us understand the enormous cost is a problem...and showed us something about the calibre of people we are dealing with.’
Source: YouTube/7News Australia
The sanctions imposed on Ermakov are part of Australia's broader efforts to cripple these organisations.
Foreign Affairs Minister Penny Wong echoed this sentiment, stating that the sanctions send a clear message: 'There are costs and consequences for targeting Australia and targeting Australians.'
‘The sanctions are part of Australia's efforts to ensure that we uphold the international rules-based order,’ she added.
The Medibank hack is not an isolated incident.
In a previous story, Australia’s most popular brands were victims of the recent cyber attacks that left thousands of customers’ personal information compromised and fraudulent transactions carried out in their names.
The hackers are believed to have purchased stolen login details from overseas cybercriminals, allowing them to access customers' online accounts. Read more about it here.
According to the government, several Russian cyber gangs pose significant threats to Australians.
These groups are dynamic, often working in clusters, making it challenging to track and counter their activities.
One is a sophisticated hack allowing cybercriminals to access Google accounts without needing the user’s password. This hack isn’t only done by Russian cybercriminals but by those capable of infiltrating our digital lives.
Security researchers at CloudSEK found a dangerous form of malware that uses third-party cookies to gain unauthorised access to people’s private data. You can read more about this latest threat here.
Have you been affected by a data breach? What steps are you taking to protect your personal information? Share your thoughts and experiences in the comments below.
.png){kind=icon}
