The United States has joined Australia and the United Kingdom in imposing sanctions on Russian hacker Alexander Ermakov over his role in the ransomware attack against health care insurer Medibank.
In 2022, Ermakov infiltrated the Medibank network and stole personally identifiable and sensitive health information of approximately 9.7 million former and current customers.
The cyberactor demanded a $10 million ransom from the health insurer and then dumped the stolen database on the dark web when Medibank CEO David Koczkar refused to pay.
On Tuesday, Australia sanctioned Ermakov who, according to intelligence authorities, is a member of the notorious Russian ransomware group REvil.
Clare O’Neil, Australia’s home affairs minister, called the Medibank hack the “single most devastating cyberattack we have experienced as a nation.” She added that authorities continue to investigate the incident and vowed to hold everyone involved accountable.
“Today’s trilateral action with Australia and the United Kingdom, the first such coordinated action, underscores our collective resolve to hold these criminals to account,” Treasury Undersecretary Brian Nelson said.
