First published: 23 Jan 2024
Last updated: 23 Jan 2024

Content written for

Individuals & families
Small & medium business
Large organisations & infrastructure

Today Australia has imposed a cyber sanction under the Autonomous Sanctions Act 2011 on Russian national Aleksandr Ermakov for his role in the compromise of Medibank Private in 2022. This is the first time a sanction has been imposed under the Act.

ASD and the Australian Federal Police under Operation Aquila, together with other Commonwealth agencies and international partners, have worked tirelessly to link Aleksandr Ermakov to the compromise of Medibank Private and pursue other leads.

The Russian citizen and cybercriminal has been sanctioned for his role in the unauthorised release and publication on the dark web of 9.7 million records containing the personal information of Australians, including names, dates of birth, Medicare numbers, and sensitive medical information.

Financial sanctions now make it a criminal offence, punishable by up to 10 years' imprisonment and heavy fines, to provide assets to Aleksandr Ermakov or to use or deal with his assets, including through cryptocurrency wallets or ransomware payments. Aleksandr Ermakov is also banned from travelling to, or remaining in, Australia.

This announcement highlights the Government’s commitment in the 2023‑2030 Australian Cyber Security Strategy to deter and respond to malicious cyber activity, including through the use of sanctions.

For more information on this announcement, read the joint media release from the Hon Richard Marles MP, Deputy Prime Minister and Minister for Defence; Senator Penny Wong, Leader of the Government in the Senate and Minister for Foreign Affairs; and the Hon Claire O’Neil MP, Minister for Home Affairs and Cyber Security.

Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it