1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

Australia sanctions hacker in Medibank cyberattack

January 23, 2024

After a monthslong investigation authorities in Australia have identified a Russian hacker believed to be behind the country's worst data theft.

Australian Medibank
Medibank is Australia's largest health insurance providerImage: Rick Rycroft/AP Photo/picture alliance

The Australian government has imposed "unprecedented" sanctions against a Russian man accused of hacking and carrying out the country's biggest data breach at insurer Medibank.

The cyberattack was carried out in November 2022 and it involved the stealing of sensitive medical records belonging to around 10 million people, one of whom was Australian Prime Minister Anthony Albanese.

Australia's 'most devastating' cyberattack

Following the attack, private health information was leaked on the darknet after the insurer refused to pay a multi-million dollar ransom to the hackers.

The attacker first released some of the most potentially harmful information, including data on drug abuse, sexually transmitted infections and pregnancy terminations.

"Medibank in my view was the single most devastating cyberattack we have experienced as a nation," Home Affairs Minister Clare O'Neil said on Tuesday.

How much are hackers making?

16:14

This browser does not support the video element.

The case marks the first instance Australia has used its cyber sanctions since legislating it in 2021. 

"This is the first time an Australian government has identified a cybercriminal and imposed cyber sanctions of this kind and it won't be the last," O'Neil told reporters.

Medibank is Australia's largest private health insurance company.

How is Australia sanctioning the Medibank hacker?

The Russian hacker was identified after an 18-month-long investigation and Australian authorities have taken the rare step of naming the suspect.

The 33-year-old will face strict travel bans and financial sanctions.

The sanctions mean that any provision of assets — including cryptocurrency wallets or ransomware payments — to the hacker could be punished with up to 10 years in prison.

Shift - Living in the Digital Age

12:36

This browser does not support the video element.

mfi/ab (AFP, Reuters)

Skip next section DW's Top Story

DW's Top Story

Skip next section More stories from DW