Australian Police Attribute ‘Over 11,000 Cybercrime Incidents’ to Medibank Breach

The joint police operation, in response to high-profile Australian hacks, has identified a significant number of cybercrime incidents, with over 11,000 incidents linked to the Medibank data breach. This underscores the wide-ranging consequences of data breaches, emphasizing the need for robust cybersecurity measures to protect personal information and prevent unauthorized access.

The disclosure of over 11,000 cybercrime incidents linked to the Medibank data breach comes from a submission by Victoria Police to a federal cybercrime inquiry. This provides insight into the scale of repercussions stemming from the incident and highlights the ongoing challenges in addressing the aftermath of data breaches.

‘Operation Guardian’ aims to collaborate across federal, state, and territory police, along with other organizations, to address the misuse of personally identifiable information (PII) resulting from data breaches. The joint effort is focused on identifying, disrupting, and prosecuting individuals attempting to exploit such compromised data, as outlined by the Australian Federal Police (AFP).

Operation Guardian, initially established to monitor the misuse of data from the Optus breach in 2022, has expanded its scope to include other incidents such as breaches at Medibank (2022), MyDeal (2022), Latitude Financial (2023), and the file transfer service GoAnywhere (2023). The joint police operation seeks to address cybercrime incidents related to these breaches and ensure appropriate actions against those involved in exploiting compromised data.

The joint police operation, Operation Guardian, highlights a case involving a Sydney man attempting to misuse stolen Optus data as a case study. The recent disclosure of over 11,000 cybercrime incidents linked to the Medibank data breach sheds light on the ongoing efforts of the joint operation to address the misuse of exfiltrated data, providing insights into the potential exploitation of compromised information from the breach affecting 9.7 million customers.

The statement from Victoria Police indicates that Operation Guardian has linked over 11,000 cybercrime incidents to the Medibank data breach. While it’s not immediately clear if the figure is specific to Victoria or reflects a national basis, it does offer an indication of the scale of alleged data exploitation related to the Medibank breach.

Operation Guardian, as outlined in the most recent AFP annual report, concentrates on matching ReportCyber reports of fraud or identity theft with relevant personally identifiable information (PII) datasets exposed online. ReportCyber serves as a national online register for the public to report cybercrime incidents or vulnerabilities.

Victoria Police, in its submission, emphasized the need for an extension of state laws to enable the “search and seize” of data from cloud services and other virtual environments. Although they have the authority to “search and seize cryptocurrency” due to recent changes, the submission highlights the lack of equivalent powers for cloud-based data.

Victoria Police, in its submission, underlined the necessity for robust tools and substantial data storage capabilities to support the forensic capture and production of seized electronic data. The force expressed the need for the capacity to handle terabytes of data per case and emphasized the importance of processing seized data to meet evidentiary standards. Additionally, Victoria Police highlighted the increasing challenge posed by the growing volume of data on devices and emphasized the importance of building capabilities to keep up with the rapid changes in the technology landscape.

Victoria Police emphasized the dynamic nature of technology in the cybercrime space, highlighting the need for modern tools and legislation that can adapt to rapid technological advancements. The force expressed a keen interest in developing capabilities for cybercrime intelligence but noted that its current resources are primarily focused on investigating reported cybercrimes. Despite facing a high rate of cybercrime reports relative to the population, the force acknowledged challenges in dedicating resources to intelligence-gathering and analysis.