The U.S. Justice Department is charging four Russians – including two officers of the Russian Federal Security Service (FSB) – for hacking Yahoo! Inc. (NASDAQ:YHOO).
In a statement, the Justice Department said the Russians were indicted by a grand jury in the Northern District of California for hacking, economic espionage and other criminal offenses in connection with a conspiracy to access Yahoo’s network and the contents of webmail accounts.
The defendants are Dmitry Dokuchaev; Igor Sushchin, Alexsey Belan, and Karim Baratov. Dokuchaev was an officer in the FSB Center for Information Security. Sushchin was also an FSB officer, a superior to Dokuchaev within the FSB.
The defendants used unauthorized access to Yahoo’s systems to steal information from about at least 500 million accounts. They used some of the stolen data to obtain unauthorized access to accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials and private-sector employees of financial, transportation and other companies.
One of the defendants also exploited his access to Yahoo’s network for his personal financial gain.
The charges were announced by Attorney General Jeff Sessions of the Department of Justice; Director James Comey of the FBI; Acting Assistant Attorney General Mary McCord of the National Security Division; U.S. Attorney Brian Stretch for the Northern District of California; and Executive Assistant Director Paul Abbate of the FBI’s Criminal, Cyber, Response and Services Branch.
“Cybercrime poses a significant threat to our nation’s security and prosperity, and this is one of the largest data breaches in history,” said Attorney General Jeff Sessions of the Justice Department.
“The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law,” Sessions added.
Allegations
The FSB officer defendants, Dokuchaev and Sushchin, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the U.S., according to the department.
They worked with co-defendants Belan and Baratov to obtain access to the email accounts of thousands of individuals.
In 2014, Belan stole a copy of at least a portion of Yahoo’s User Database (UDB).
The UDB is a Yahoo trade secret that contained, among other data, the subscriber information including users’ names, recovery email accounts, phone numbers and other information.
Belan also obtained unauthorized access on behalf of the FSB conspirators to the company’s Account Management Tool (AMT). Belan, Dokuchaev and Sushchin then used the stolen UDB copy and AMT access to locate Yahoo email accounts of interest and to mint cookies for those accounts.
Some victim accounts were of predictable interest to the Russian intelligence agency such as personal accounts belonging to Russian journalists; Russian and U.S. government officials; employees of a prominent Russian cyber security company; and numerous employees of other providers whose networks the conspirators sought to exploit.
The case is being prosecuted by the Justice Department National Security Division’s Counterintelligence and Export Control Section and the Attorney’s Office for the Northern District of California, with support from the Justice Department’s Office of International Affairs.