The Federal Government has sanctioned a Russian national for his involvement in the 2022 Medibank data breach. 

In October 2022, Medibank Private, one of Australia's largest health insurers, fell victim to a cyber-attack, compromising personal and medical data of 9.7 million customers. 

Following a failure to secure ransom, the perpetrators leaked sensitive information online, sparking widespread concern.

This week, the government announced Aleksandr Gennadievich Ermakov - linked to the notorious hacking syndicate REvil - was a key figure in this cyber intrusion.

The 33-year-old’s association with REvil, a group infamous for its cyber extortion schemes, has been used as a sign of the sophisticated network of international cybercrime impacting Australian shores.

Foreign Minister Penny Wong, alongside Home Affairs Minister Clare O’Neil and Deputy Prime Minister Richard Marles, unveiled the sanctions against Ermakov, including a travel ban and the freezing of assets. 

This marks the first application of Magnitsky-inspired sanctions in Australia, targeting individuals rather than states or governments for corruption and human rights abuses.

While these sanctions represent a firm stance against cybercrime, experts have questioned their direct impact on Ermakov, given the borderless nature of cybercrime.