Connect with us

Hi, what are you looking for?



A Sanction Has Been Imposed on a Hacker Who Released Australian Health Insurer Client Data

Russian national sanctioned by the Australian government for his role in the Medibank attack impacting more than 10 million Australians.

A Russian national has been sanctioned by the Australian government for his role in a cyber attack that compromised the personal information of more than 10 million Australians.

In October 2022, client data from Medibank, Australia’s largest health insurer, was released by an extortionist, including details of HIV diagnoses and drug abuse treatments, after the company refused to pay a ransom for the personal records of current and former customers.

On Tuesday, the Australian government imposed its cyber sanction powers for the first time against Aleksandr Ermakov after Australian Federal Police and intelligence agencies, with support from undisclosed ‘global partners’ made the link between the Russian citizen and the cyber attack.

Australian Deputy Prime Minister Richard Marles said the sanctions imposed are part of Australia’s efforts to expose cyber criminals and debilitate groups engaging in cyber attacks.

“In our current strategic circumstances we continue to see governments, critical infrastructure, businesses and households in Australia targeted by malicious cyber actors,” Marles said in a statement on Tuesday.

“We continue to work with our friends and partners around the world to ensure cyber criminals are held to account for their actions and we will relentlessly pursue activities which disrupt their capability to target Australians in the cyber space.”

This sanction makes it a criminal offence, punishable by up to 10 years’ imprisonment, to provide assets to Ermakov, or to use or deal with his assets, including through cryptocurrency wallets or ransomware payments.

Foreign Affairs Minister Penny Wong said the sanction sends a clear message to cyber criminals.

Advertisement. Scroll to continue reading.

“There are costs and consequences for targeting Australia and targeting Australians,” she said in a statement.

Related: US, UK Announce Charges and Sanctions Against Two Russian Hackers

Related: US Sanctions Cryptocurrency Mixer Sinbad for Aiding North Korean Hackers

Related: US Sanctions Russian National for Helping Ransomware Groups Launder Money

Written By


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Data Breaches

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. 

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.


Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.