On Wednesday, the Justice Department claimed that two Russian intelligence agents who were supposed to help Americans hunt for hackers, instead directed a sweeping criminal conspiracy that broke into 500 million Yahoo accounts in 2014. The hackers also used the Yahoo data to send spam and steal credit card and gift card information. That theft included phone numbers, birth dates and weakly encrypted passwords and compromised the accounts of several million military and civilian government employees from dozens of nations, including more than 150,000 Americans. The attackers also sought to break into at least 50 Google accounts, including those of Russian officials and employees of a Russian cybersecurity firm.
The Russian government then used the information they obtained to focus on foreign officials, business executives and journalists, federal prosecutors said. The targets included numerous financial executives, executives at an American cloud computing company, an airline official and a casino regulator in Nevada.
Russian Agents Were Behind Yahoo Breach, US Says – New York Times https://t.co/sVO71laGYT
— Cathy H Miller (@CathyMiller1992) March 15, 2017
On Wednesday, prosecutors unsealed an indictment which contained 47 criminal charges against the two agents of Russia’s Federal Security Service, or F.S.B., as well as two outside hackers with whom they worked with on the scheme, one of the largest known thefts of data from a private corporation.
This is the first time officials of Russia’s F.S.B. have been indicted on cybercrime charges in the United States, said Jack Bennett, special agent in charge of the F.B.I.’s San Francisco office. For two years, Yahoo worked with the F.B.I. on the investigation, he said.
The indictment underscored the utter lack of cooperation between the American and Russian authorities on criminal breaches. One of the outside hackers, a Russian named Alexsey Belan, had been indicted twice before for three intrusions into American e-commerce companies and had been arrested in Europe, but escaped to Russia before he could be extradited. Prosecutors said they received no response to their requests to the Russian government to turn over Mr. Belan to the American authorities.
The wide-ranging attack comes as the United States government is investigating other Russian cyberattacks against American targets, including the theft of emails last year from the Democratic National Committee and attempts to break in to state election systems. Investigators are also examining communications between associates of President Trump and Russian officials that occurred during the presidential campaign.
The four men together face 47 criminal charges, including conspiracy, computer fraud, economic espionage, theft of trade secrets and aggravated identity theft, the Justice Department said in a news release.
The two agents of the F.S.B. who were charged are Igor Anatolyevich Sushchin, 43, a Russian national and resident, and Dmitry Aleksandrovich Dokuchaev, 33, a Russian national and resident,.
The other two defendants are Mr. Belan, 29, a Russian national and resident; and Karim Baratov, 22, a Canadian and Kazakh national and a resident of Canada. Mr. Baratov was arrested on Tuesday in Canada.