Russian Individual Sanctioned Over Alleged Involvement In Medibank Data Breach

Australia has issued sanctions on a Russian individual for their alleged involvement in the 2022 Medibank data breach.

Using the international powers for the first time, Russian citizen Aleksandr Ermakov has been issued a travel ban and “targeted financial sanctions”.

Under the sanctions, it is now a criminal act, punishable of up to 10 years imprisonment and hefty fines, to provide assets to Ermakov or to use or deal with his assets.

Stay up-to-date on the latest news with The National Briefing – keeping you in the loop with news as it hits:

The Australian Signals Directorate (ASD) and the Australian Federal Police investigated, alleging links were found of Ermakov to the attack.

Almost 10 million Australians’ private information including medical details, were compromised in the hack, with some published on the dark web.

Defence minister Richard Marles said the sanctions were a “hugely significant” step for the country in its response to cybersafety.

“Publicly naming him will have an enormous impact on his activities and send a strong message to cyber-criminals around the world that we mean business,” Mr Marles said.

Mr Marles acknowledged the work of Medibank during the attack, noting the business was “incredibly open” in the way they handled the breach.

“They have been incredibly open in the way they have engaged with ASD,” he said.

“It has been a fundamentally important example of how companies being willing to share their sensitive information with ASD allows investigations to occur in a way that that’s ended up with (this) result.”

Subscribe to The Briefing, Australia’s fastest-growing news podcast on Listnr today. The Briefing serves up the latest news headlines and a deep dive into a topic affecting you. All in under 20 minutes.