The Australian Federal Police have addressed the Medibank Private data breach, revealing they believe the hackers responsible are in Russia.
Cyber Command assistant commissioner Justine Gough appeared in a press conference on Friday and said Australians were "angry, distressed and seeking answers" about the breach.
On October 13, Medibank revealed it had fallen victim to a cyber attack, during which the personal details of 9.7 million Australian customers were breached.
It is alleged the hackers demanded a ransom of US$9.7 million, threatening they would release the stolen data on the dark web.
Medibank has since confirmed that files containing customer data have been released on a dark web forum, which includes names, addresses, dates of birth, phone numbers, email addresses and in some cases passport numbers and health claims data.
Ms Gough said the crime had the potential to impact millions of Australians, and that the AFP believed to know which individuals were responsible, but would not be naming them.
"Our intelligence points to a group of loosely affiliated cyber criminals who are likely responsible for past significant breaches in countries across the world," Ms Gough said.
"These cyber criminals are operating like a business with affiliates and associates, who are supporting the business."
Ms Gough added that the Australian Government policy "did not condone" paying ransoms to cyber criminals.
"Any ransom payment, small or large, fuels the cybercrime business model, putting other Australians at risk," she said.
Operation Guardian - a joint initiative with state and territory police set up in September to protect more than 10,000 customers impacted by Optus data breach - has now been extended to the Medibank Private data breach.
Ms Gough said the AFP and partners would not give up on bringing those responsible to justice, and said Operation Guardian investigators were "scouring the internet and dark web to identify people accessing this personal information and trying to profit from it".
"To the criminals," Ms Gough said.
"We know who you are, and moreover, the AFP has some significant runs on the scoreboard when it comes to bringing overseas offenders back to Australia to face the justice system."
The AFP released a checklist of advice for the general public to follow in lieu of the cyber attack:
If you believe you are a victim of Cybercrime, report it to ReportCyber at cyber.gov.au.
If there is an imminent threat to your safety call Triple Zero.
Sign up for our newsletter to stay up to date.