Security News > 2024 > January > US, UK, Australia sanction REvil hacker behind Medibank data breach
The Australian, US, and UK governments have announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group.
Medibank is a large health insurance provider in Australia that suffered a ransomware attack in October 2022, causing operational and business disruption.
Following a lengthy investigation, the Australian authorities identified Ermakov as the person responsible for the Medibank hack and data theft.
The United States and United Kingdom also announced sanctions against Ermakov in a coordinated announcement with Australia.
In a press conference at Canberra, Australia's Home Affairs and Cyber Security Minister confirmed that Ermakov was a member of the REvil ransomware operation and he was not among the individuals that Russia detained in early 2022 under suspicion of being members of the REvil group.
As the sanctions in response to the Medibank Private cyber incident have a financial component, this means that whoever provides assets to Ermakov, including cryptocurrency or ransomware payments, would be committing an offense.
News URL
Related news
- US cancer center data breach exposes info of 827,000 patients (source)
- Hacker claims Giant Tiger data breach, leaks 2.8M records online (source)
- French unemployment agency data breach impacts 43 million people (source)
- 43 million workers potentially affected in France Travail data breach (source)
- Fujitsu found malware on several systems, confirms data breach (source)
- Fujitsu found malware on IT systems, confirms data breach (source)
- Fujitsu finds malware on company systems, investigates possible data breach (source)
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems (source)
- Chinese snoops use F5, ConnectWise bugs to sell access into top US, UK networks (source)