16. Catching the Criminal: A Deep Dive into the Medibank Cyber Attack

2025-01-27

A cyber criminal has been caught two years after coordinating a cyber attack against Medibank, one of Australia’s largest private health care providers. The attack was ruthless, with the cyber criminal leaking stolen medical data, bit by bit into the public arena, including: HIV statuses, sexually transmitted diseases and abortion data. Who was the brutally brazen hacker behind this attack? How did they get caught and where did it all begin? GTC investigates in this episode: Catching the Criminal: A deep dive into the Medibank cyber a...

All information collected and used for this episode in publicly available from the following resources:

Resources mentioned in the episode:
OAIC - Medibank data breach alleged timeline.

https://www.oaic.gov.au/__data/assets/pdf_file/0037/228979/Medibank-data-breach-alleged-timeline-infographic.pdf

Intel 471 report

https://intel471.com/blog/medibanks-attacker-it-businessman-claimed-psychologist-and-alleged-cybercriminal

US Department of Treasury on REvil Ransomware Gang

https://home.treasury.gov/news/press-releases/jy2041

Medibank’s cyber crime update from Nov 7 2022:

https://www.medibank.com.au/livebetter/newsroom/post/medibank-cybercrime-update%207%20November

ABC News Article on the hacker

https://www.abc.net.au/news/2024-01-23/aleksandr-ermakov-medibank-private-data-breach-cyber-attack/103378142

Hacker detained in Russia