The Justice Department has announced charges against four people, including two Russian security officials, over cybercrimes linked to a massive hack of millions of Yahoo user accounts.
Two of the defendants — Dmitry Dokuchaev and his superior, Igor Sushchin — are officers of the Russian Federal Security Service, or FSB. According to court documents, they hired two criminal hackers, Alexsey Belan and Karim Baratov, to access information that has intelligence value. Belan also allegedly used the information obtained for his personal financial gain.
"The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI's point of contact in Moscow on cybercrime matters, is beyond the pale," Acting Assistant Attorney General Mary McCord said.
Yesterday, Baratov was arrested in Canada. NPR's Greg Myre reports that the U.S. plans to seek his extradition, and that three other defendants are in Russia, which has no extradition treaty with the U.S.
The massive hack against at least 500 million Yahoo user accounts happened in 2014. The company publicly acknowledged the breach last September, saying at the time that a "state-sponsored actor" may have been responsible, without naming any foreign government. This prompted an investigation by U.S. authorities.
Months later, Yahoo revealed an even larger hacking incident impacting more than 1 billion accounts that occurred in 2013, as we reported. It's not clear whether the two breaches are related. The company has also indicated in regulatory filings that forged cookies might have been used to access user accounts.
9(MDAxOTAwOTE4MDEyMTkxMDAzNjczZDljZA004))