Risky Bulletin Newsletter
January 24, 2024
Risky Biz News: AU, UK, US sanction Russian behind Medibank ransomware attack
Presented by

News Editor
Australia, the UK, and the US have sanctioned a Russian national for his role in a ransomware attack on Australian private insurance provider Medibank in October 2022.
Identified as Alexander Ermakov, he is believed to be connected to the REvil ransomware operation, where he allegedly operated under pseudonyms such as GustaveDore, JimJones, Blade_Runner, and aiiis_ermak. Ermakov is believed to be 33 and a resident of Moscow.
Officials say Ermakov was a "pivotal" and "key actor" in REvil's attack on Medibank, considered one of Australia's worst cybersecurity incidents.