A Russian citizen, Alexander Ermakov, who goes by various online aliases, has been sanctioned by the governments of Australia, the U.K., and the U.S. for his involvement in a major cyberattack on Medibank, an Australian health insurance provider, in 2022.
Ermakov is accused of hacking into the Medibank network and stealing and leaking the personal and medical data of about 9.7 million current and former customers of the company. The data breach was carried out by the REvil ransomware gang, which has since ceased operations.
The sanctions prohibit anyone from dealing with Ermakov’s assets, including cryptocurrency wallets or ransomware payments, and impose a travel ban on him. Anyone who violates the sanctions could face up to 10 years in prison.
The U.K. government said the sanctions are part of their efforts to combat the malicious cyber activities of Russia, which threaten the security and prosperity of the U.K. and its allies.
The U.S. Treasury Department also criticized Russia for harboring and supporting cyber criminals who launch ransomware attacks against the U.S. and other countries, targeting their businesses and critical infrastructure. The Treasury Department urged Russia to take action to stop cyber criminals from operating freely in its territory.
“Russian cyber actors continue to launch disruptive ransomware attacks against the United States and allied countries, targeting our businesses, including critical infrastructure, to steal sensitive data,” said Under Secretary of the Treasury Brian E. Nelson.
“This action demonstrates that the United States stands with our partners to disrupt ransomware actors who victimize the backbone of our economies and critical infrastructure,” the Treasury Department said.