Hacker behind 2022 Medibank Data Breach Sanctioned by Australian Government

January 23, 2024

Three federal ministers, consisting of Deputy Prime Minister Richard Marles, Home Affairs Minister Clare O’Neil, and Foreign Minister Penny Wong, confirmed that Russian individual Aleksandr Ermakov was the individual behind the Medibank data breach that impacted nearly 10 million customers.

Hacker behind 2022 Medibank Data Breach Sanctioned by Australian Government - Adept IT Solutions | IT Service and Support Newcastle, Hunter and Central Coast

Medibank Data Breach – What happened?

The 2022 Medibank data breach was one of, if not the largest cyberattack ever seen in Australian history, coming mere weeks after the Optus data breach, solidifying the emergence and dangers of cyber threats. As one of Australia’s biggest health insurance providers, Medibank holds information that includes intimate medical records, adding further distress to customers impacted.

Medibank Data Breach – Government Response

The announcement made 23rd January 2024, is incredibly important in regard to the future of cybersecurity in Australia. Not only did they identify the culprit of the Medibank data breach, Aleksandr, by name, but they also announced it would be enforcing, for the very first time, the ability to sanction an individual under Australia’s new cyber laws.

In a separate statement, Foreign Minister Penny Wong went into further detail “The Australian government has imposed a targeted financial sanction and a travel ban on Aleksandr Ermakov,” Foreign Minister Wong said. “This sanction makes it a criminal offence, punishable by up to 10 years’ imprisonment and heavy fines, to provide assets to Aleksandr Ermakov, or to use or deal with his assets, including through cryptocurrency wallets or ransomware payments.”

According to the Australian Government, there are a number of Russian cyber gangs at the heart of the threats Australians face. The sanctions imposed are part of Australia’s attempts to hamper these organisations. This is due to the fact that many of these groups are working in clusters, according to Australian Cyber Security Head Abigail Bradshaw, so naming and identifying the cybercriminals will hurt their attempts to attack.

These sanctions are a part of the Albanese Government’s commitment in the 2023-2030 Australian Cyber Security Strategy to deter and respond to malicious cyber activity.

Cybersecurity is a critical aspect of any business, protecting the private data of organisations and their clients from malicious attacks similar to the Medibank data breach. Adept IT Solutions’ online Cybersecurity training platform provides an educational platform unmatched by our competitors. Our intuitive, tailored product can be personalized to the requirements of your business, ensuring that you have a custom product that educates your employees about targeted threats within industry sectors.

Cybersecurity Awareness Training

Adept IT Solutions’ Cybersecurity Awareness Training will provide your business with a detailed gap analysis, identifying and tracking individual risk areas for each participating employee. Once the system has collected this information, Adept IT Solutions’ Cybersecurity Awareness Training can provide your company with detailed monitoring and reporting. This will allow managers to see and understand employee’s progression, track overall performance, and demonstrate compliance throughout all levels of your business.

This training ensures that your employees can identify and report threats similar to the Medibank data breach with an understanding of the associated potential security risks.

Simulated Phishing

Adept IT Solutions’ Simulated Phishing platform has the ability to send out simulated phishing emails. These emails utilise realistic templates to create a practical assessment, enabling a real-world test of employee training. These emails are entirely harmless but provide a simulated example of the types of activities and information that hackers would attempt to harvest from your employees. Simulated Phishing provides a safe method for the practical assessment of employees and whether they illustrate a real risk to your business.

Policy Management

Adept IT Solutions’ Policy Management allows businesses to centralize and digitize your policies, this ensures that they can easily be rolled out, amended, and securely stored. Policies can be automated to send reminders to employees on a periodic basis.

Unique to other policy platforms, Adept IT Solutions can offer a variety of training tailored directly to you and your staff’s needs.

If you would like to know more about our targeted Cybersecurity Awareness & Training platform, please feel free to contact Adept IT Solutions on 1300 4 23378 (ADEPT) or email us at info@adept-it.com.au.

Check out our other articles