AFP logo at EBB Canberra

Statement by AFP Commissioner Reece Kershaw on Medibank Private data breach

11 November 2022, 3:40pm
Media Release

Statement by AFP Commissioner Reece Kershaw on Medibank Private data breach

Editor's Note: Vision of the press conference is available via hightail. 

I will make a short statement about the Medibank Private data breach but I will not take any questions because this is a very complex and serious ongoing investigation.

But I do want to address Australians today and give as much information as I can without putting at risk the criminal investigation.

I know Australians are angry, distressed and seeking answers about the highly-sensitive and deeply personal information that is being released by criminals who breached Medibank Private’s data base.

This is a crime that has the potential to impact on millions of Australians and damage a significant Australian business. 

This cyber attack is an unacceptable attack on Australia and it deserves a response that matches the malicious and far-reaching consequences that this crime is causing.

The AFP is undertaking covert measures and working around the clock with our domestic agencies and our international networks, including INTERPOL.

This is important because we believe that those responsible for the breach are in Russia.

Our intelligence points to a group of loosely affiliated cyber criminals, who are likely responsible for past significant breaches in countries across the world.

These cyber criminals are operating like a business with affiliates and associates, who are supporting the business.

We also believe some affiliates may be in other countries.

Everyone involved in this attack is a focus of the ongoing investigation through the AFP-led Operation Pallidus.

We believe we know which individuals are responsible but I will not be naming them.

What I will say is that we will be holding talks with Russian law enforcement about these individuals.

The AFP is responsible for the Australian INTERPOL National Central Bureau, which has direct contact with National Central Bureau Moscow.

INTERPOL National Central Bureaus cooperate on cross-border investigations, operations and arrests.

To take investigations beyond national borders, they can seek cooperation from any other National Central Bureau.

It is important to note that Russia benefits from the intelligence-sharing and data shared through INTERPOL, and with that comes responsibilities and accountability.

I have a number of messages today.

To the Australian public: The AFP and our partners are not going to give up in bringing those responsible to justice.

Investigators under Operation Guardian are also scouring the internet and dark web to identify people who are accessing this personal information and trying to profit from it.

To the criminals: We know who you are, and moreover, the AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system.

To the media and social media: I know you will do the right thing and continue to assist us in protecting the community by not aiding these criminals by posting or publishing this sensitive information.

This is a time for all Australians – the community, business and law enforcement – to stand together and refuse to give these criminals the notoriety they seek.

Can I make a plea to business: Ensure your systems are protected.

Cybercrime is the break and enter of the 21st Century and personal information is being used as currency.

Finally, I want to reiterate that Australian Government policy does not condone paying ransoms to cyber criminals.

Any ransom payment, small or large, fuels the cybercrime business model, putting other Australians at risk.

Media enquiries:

AFP Media: (02) 5126 9297

Connect with us: Follow our Facebook, Twitter, LinkedIn, Instagram and YouTube pages to learn more about what the AFP does to keep Australia safe.