Australian police to Medibank hackers: 'We know who you are'

Getty Images The Medibank Private Limited logo is seen displayed on a smartphone screenGetty Images
The group behind the breach says more data will be released

Australian police say they have identified the Russian cyber-criminals holding the medical data of millions to ransom.

Hackers are demanding a dollar for each of the 9.7m sensitive records stolen from the medical insurer Medibank.

The hackers have published sensitive documents online including abortion records in an episode described in parliament as "morally reprehensible".

In a news conference, police warned hackers: "We know who you are".

Australian Federal Police Commissioner Reece Kershaw told reporters that police believe the hackers are in Russia but did not provide any evidence.

"We believe we know which individuals are responsible but I will not be naming them," he said.

The Commissioner said his team was holding talks with Russian law enforcement officials, and asked Moscow to help.

"Russia benefits from the intelligence-sharing and data shared through Interpol, and with that come responsibilities and accountability," he said.

Cyber-security researchers and western agencies have long accused Russia of harbouring cyber-crime gangs.

The website being used by the Medibank hackers to leak the sensitive material is being linked to a notorious gang called REvil which is thought to be based in Russia.

REvil carried out dozens of high-profile ransomware attacks - making hundreds of millions of dollars - until the gang was disrupted last year.

Multiple arrests of alleged members were made around the world including, in a highly unusual sign of international co-operation, in Russia.

FSB FSB officers arrest a manFSB
Russia's FSB released video footage of the REvil arrests but no convictions were ever publicised.

However, experts think some of the gang have resurfaced under a new guise and are responsible for the Medibank hack.

The hack has rocked Australia, with emotional scenes in parliament discussing the distress it's causing Australians.

Cyber Security Minister Clare O'Neil told politicians: "As the Minister for cyber-security, but more importantly as a woman, what has occurred here is morally reprehensible."

Medibank's refusal to pay a ransom for the data is being supported by the Australian government.

Watch: What is ransomware and how does it work?

Authorities have urged the public not to seek out the leaked files, which contain the names of policy holders rather than patients.

Medibank CEO David Koczkaro warned that the data release could stop people from seeking medical attention.

"These are real people behind this data and the misuse of their data is deplorable and may discourage them from seeking medical care," he said.

The data was stolen last month and is the latest in a string of major data breaches in Australian companies in recent months.