WASHINGTON – The Department of Justice announced Wednesday the indictments of two Russian intelligence agents and two hackers in connection with the 2014 data theft of 500 million Yahoo user accounts.
The indictment targets two members of Russia’s Federal Security Service (FSB), its equivalent of the FBI or NSA, and two hackers “protected, directed, facilitated and paid” by the Russians.
The men together face 47 criminal charges, including fraud, economic espionage, theft of trade secrets and hacking. The indictment marks the first time the U.S. government has brought about criminal cyber charges against Russian government officials.
The United States does not have an extradition treaty with Russia.
“Once again, the Department and the FBI have demonstrated that hackers around the world can and will be exposed and held accountable,” Acting Assistant Attorney General Mary McCord said in a statement. “State actors may be using common criminals to access the data they want, but the indictment shows that our companies do not have to stand alone against this threat.”
One of the hackers, Karim Baratov, 22, a Canadian and Kazakh national who lives in Canada, was arrested in Canada on Tuesday, according to McCord. The other hacker is Alexsey Alexseyevich Belan, 29, a Russian national and resident.
The FSB agents are Dmitry Aleksandrovich Dokuchaev, 33, a Russian national and resident, and Igor Anatolyevich Sushchin, 43, a Russian national and resident.
“The FSB unit that [Dokuchaev and Sushchin] worked for, the Center for Information Security, also known as Center 18, is also the FBI’s point of contact in Moscow for cyber crime matters,” McCord said at an afternoon press conference announcing the charges. “The involvement and direction of FSB officers with law enforcement responsibilities makes this conduct that much more egregious.”
Yahoo reported the hack in 2014 and it is considered one of the largest data breaches in history. The company revealed in December 2016 that hackers in 2013 had accessed the account data of more than 1 billion users. It has not been determined if the two hacks are linked.
The defendants allegedly accessed Yahoo’s systems to steal information from 500 million Yahoo accounts. This information was used in turn to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, according to the Department of Justice.
“Some victim accounts were of predictable interest to the FSB, a foreign intelligence and law enforcement service, such as personal accounts belonging to Russian journalists; Russian and U.S. government officials; employees of a prominent Russian cybersecurity company; and numerous employees of other providers whose networks the conspirators sought to exploit,” the Justice Department said in a statement.
“However, other personal accounts belonged to employees of commercial entities, such as a Russian investment banking firm, a French transportation company, U.S. financial services and private equity firms, a Swiss bitcoin wallet and banking firm and a U.S. airline.”
Belan also allegedly used this access to Yahoo to make money, “searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign,” according to the Justice Department.
The charges brought against the four men are unrelated to the hacking of the Democratic National Committee and the FBI’s investigation into Russian interference in the 2016 presidential election.
The hacks, and Yahoo’s much-criticized slow response to them, led Yahoo to cut $350 million from its deal to sell its main assets to Verizon. The original deal was priced at $4.8 billion.