The
But this is cold comfort for thousands innocent victims, many of whom continue to be threatened with the disclosure of their medical records if they refuse to pay a hefty ransom.
In September this year, hackers threatened to release the personal data of
The extortion demand has the potential to expose up to 3.9 million Australians to the possibility of fraud and identity theft, and those who claimed responsibility threatened to release the data of 1000 of the health insurance provider's 'most prominent customers' as a 'warning shot' if they did not get what they want.
"[W]e've found people with very interesting diagnoses. And we'll email them their information", the hackers are reported to have stated.
Since that time, the breach and threat have impacted thousands, concerned the confidential information uploaded to their insurer's site would be made public without their authorisation.
The extortion attempt has led to stress and anxiety, and in the context of numerous data breaches of large organisations over the past few months, led many to question whether companies and indeed government agencies should be allowed to have personal and sensitive information placed on servers which can easily be cracked by cyber-criminals.
On the advice from authorities,
That decision, while potentially dissuading other hackers from engaging in similar conduct, has cost 9.2 million Australian an incredible amount of distress because ultimately, they're innocent victims, completely powerless to do anything to stop the damage.
That said, many are asking questions about how the breach occurred, whether systems put in place by the company were sufficient and whether we should be allowing companies to store our personal information in servers that can be breached.
Indeed, it's all very well for heads of companies and government agencies to assert that cyber criminals are getting smarter and their scams more sophisticated, but all of us rely on the law for protection, and in this instance it has completely failed Australians, something that became obvious when
Meanwhile, the AFP is talking up its "significant runs on the scoreboard when it comes to bringing overseas offenders back to
But whatever the agency says, hackers appear free to continue to release information from the
In fact, hackers seem to be breaching data held by Australian organisations with increasing frequency and ease.
While
Even this information can be used in a number of ways — the most obvious being identity faud, scams and blackmail.
With such a high level of detail at their disposal, cyber criminals could easily commit identity theft, and very believable phishing scams. Crimes that could be perpetuated over the coming months or even years.
For
The AFP believes, at this point in time, that a group of "loosely affiliated cybercriminals" – but it has stopped short of naming names.
Cyber crime experts believe the individuals responsible may belong to, or have close links to, the Russian-based ransomware crime group, REvil which appeared in 2019, and was particularly active in 2021, but since then appeared to stop all activity.
The truth is cyber criminals are not easy to detect, harder still to actually catch. The AFP is now calling on Russian authorities to assist with its investigations – how likely and forthcoming cooperation will be is not certain, given
Unfortunately, at this point in time, cyber crime experts say that the reality is it will be virtually impossible for the AFP to bring these criminals to justice.
The repercussions for Mediabnk are likely to be severe though.
By comparison the
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
Ms
Sydney Criminal Lawyers
503/
Tel: 29261 8881
Fax: 29264 0880
E-mail: info@sydneycriminallawyers.com.au
URL: www.sydneycriminallawyers.com.au/
© Mondaq Ltd, 2022 - Tel. +44 (0)20 8544 8300 - http://www.mondaq.com, source