Russian Hacker Behind Medibank Hack Identified and Sanctioned by Australian Government

A Russian individual has been identified by the Australian Government as the culprit behind the 2022 Medibank hack, which compromised the personal information of over 4 million Australians. In an unprecedented move, the government has invoked cyber sanctions laws to penalize the hacker.

nn

At a joint press conference in Canberra, Foreign Minister Penny Wong, Home Affairs Minister Clare O’Neil, and Deputy Prime Minister Richard Marles revealed that the responsible individual is Aleksandr Ermakov, a Russian citizen and known cybercriminal. The government took this step after painstaking efforts by the Australian Signals Directorate (ASD) and the Australian Federal Police (AFP) to establish a direct link between Ermakov and the attack.

nn

The Medibank hack, one of the most devastating cyberattacks in Australia‘s history, resulted in the theft and subsequent publication of sensitive information on the dark web. This data breach impacted both current and former customers of Medibank Private, the country’s largest health insurer. The stolen information included names, addresses, birth dates, Medicare numbers, contact details, and claims data.

nn

Australia has utilized its autonomous cyber sanctions framework for the first time in imposing penalties on Ermakov. The sanctions include financial penalties and a travel ban, making it a criminal offense to provide assets, use, or deal with his assets, including cryptocurrency wallets or ransomware payments. Violators can face up to 10 years of imprisonment.

nn

The Australian Government has been collaborating not only with domestic entities such as Medibank Private, ASD, and AFP but also with international partners, including companies like Microsoft, to uncover the hacker’s identity and investigate the breach. This joint effort showcases the commitment of the Albanese Government in deterring and responding to malicious cyber activities, as outlined in the 2023-2030 Australian Cyber Security Strategy.

nn

Deputy Prime Minister Richard Marles commended Medibank Private for their cooperation and expressed confidence that the sanctions and public naming of Ermakov would significantly impact his future activities. Marles emphasized that this action sends a strong message to cybercriminals worldwide that the Australian Government is determined to hold them accountable.

nn

Minister for Foreign Affairs Penny Wong reaffirmed the government’s commitment to combating cybercrime and protecting Australians. Similarly, Minister for Home Affairs and Minister for Cyber Security Clare O’Neil condemned malicious cyber activity and urged businesses and individuals not to pay ransoms, as it only fuels criminal activity and makes Australia a more attractive target.