Medibank hacker revealed as Russian cyber criminal Aleksandr Ermakov as federal government imposes sanctions

Australia has imposed cyber sanctions against a Russian man for his role in the high-profile Medibank hack in 2022 that compromised the personal details of more than 10 million Australians.

This is the first time an Australian Government has used its powers to name a cyber criminal and impose cyber sanctions following an 18-month investigation into the data breach of the health insurer.

“I can confirm that thanks to the hard work of the Australian Signals Directorate and the Australian Federal Police, we have linked Russian citizen and cyber criminal Aleksandr Ermakov to the attack,” Foreign Minister Penny Wong said on Tuesday.

“The sanctions imposed are targeted financial sanctions and a travel ban. This will mean it’s a criminal offence, punishable with up to 10 years imprisonment to provide assets to him or to use or deal with his assets, including through cryptocurrency, or ransomware payments.

“This is the first time that Australia’s autonomous cyber sanctions have been used. It sends a clear message — there’s costs and consequences for targeting Australia and targeting Australians.”

At least 9.7 million Australians had their personal records, including names, dates of birth, addresses, phone numbers and Medicare numbers, stolen in the 2022 attack with the majority being published on the dark web.

The incident — along with an Optus hack — raised questions about businesses collecting and storing the personal data of customers for such a long time.

Labor then strengthened its privacy laws by introducing new legislation where businesses are ordered to either pay $50 million, three times the value of any benefit obtained, or 30 per cent of a company’s adjusted turnover in the relevant period — whichever of the three is greater — for the misuse of information.

Deputy Prime Minister Richard Marles said Australia imposing the cyber sanctions was “a hugely significant and unprecedented step”.

“The sanctions that are put in place on Aleksandr Ermakov today and publicly naming him will have an enormous impact on his activities and send a very strong message to cyber criminals around the world that we mean business,” Mr Marles said.

“Medibank have been incredibly open in the way they have engaged with ASD. This has been fundamentally important in allowing ASD to do its work.”

Home Affairs Minister Clare O’Neil said Medibank was the single most devastating cyber attack Australia had experienced as a nation.

“We all went through it — literally millions of people having personal data about themselves, about their family members, taken from them, and cruelly placed online for others to see,” Ms O’Neil said.

“These people are cowards and they’re scum bags. They hide behind technology and today the Australian Government is saying that when we put our minds to it, we’ll unveil who you are, and we’ll make sure you are accountable.

“This is the first time an Australian Government has identified a cyber criminal and imposed cyber sanctions of this kind and it won’t be the last.”

The Government also announced further counter-terrorism and financing sanctions on 12 individuals and three entities who are linked to Hamas, Hezbollah, and Palestinian-Islamic Jihad.