The tranches of stolen data are being published on the ransomware group’s blog as downloadable files titled “good-list” and “naughty-list.” Thus far, the leaks have included information relating to patients’ home addresses, phone numbers, and passport numbers, as well as details about health conditions such as alcohol abuse, anxiety, cannabis dependence and opioid addictions.The Russian Federal Security Service (FSB) claimed to have dismantled REvil in January, following raids on 25 different locations across Moscow, St. Petersburg, and Lipetsk that resulted in the arrest of 14 people allegedly involved with the cyber gang’s operations.“What I will say is that we'll be holding talks with Russian law enforcement about these individuals,” he said, noting that as part of INTERPOL, Russia has an obligation to help bring the cybercriminals to justice.“Russia benefits from the intelligence-sharing and data shared through INTERPOL, and with that comes responsibilities and accountability.”He also reiterated that “the Australian government policy does not condone paying... ransoms to cyber criminals” and that doing so “fuels a cybercrime business model.”Medibank released a public statement on Monday morning declaring that “no ransom payment will be made to the criminal responsible for this data theft.”“Based on the extensive advice we have received from cybercrime experts we believe there is only a limited chance paying a ransom would ensure the return of our customers’ data and prevent it from being published,” the health insurer stated.“In fact, paying could have the opposite effect and encourage the criminal to directly extort our customers.”The Medibank hack follows a string of unrelated cyber attacks against Australian corporations in recent weeks and months, as citizens’ data have come under siege from hackers."