Acting assistant attorney general Mary McCord said Alexsey Belan had been on the government’s criminal radar for years given his past breaches of e-commerce sites before he took part in an alleged conspiracy with three other men to steal the personal information of at least 500 million Yahoo users.
McCord said Wednesday’s charges mark the third time Belan has been indicted in the U.S., with the first indictments coming in 2012 for his alleged role in breaching the computer networks of what the Federal Bureau of Investigation has referred to as “three major e-commerce companies.” Belan is thought to have stolen the entire user database of the companies, including encrypted passwords, and then negotiated the sale of the information.
McCord said Belan’s prior actions “victimized millions of customers,” but neither she nor the FBI has specified which companies were hacked previously.
As for his role in the Yahoo breach, Belan allegedly worked with three co-conspirators, two of whom are officers of the Russian Federal Security Service, a post-Soviet Union version of the KGB, to access the account information of at least 500 million users of the web and e-mail platform. They then used that information to obtain information related to other online accounts and e-mail providers, including Google.
While federal prosecutors claim the hacking enterprise targeted the accounts of Russian and U.S. government officials, Russian journalists, employees of other web providers and employees of financial services and other commercial entities, Belan allegedly had other things in mind.
According to McCord, the Latvian-born Russian citizen “used his relationship with the two FSB officers and his access to Yahoo to commit additional crimes to line his own pockets with money,” namely by stealing gift card and credit card numbers from users’ e-mail accounts and redirecting a selected portion of Yahoo search engine traffic in order to steal commission payments.
“He also gained access to more than 30 million Yahoo accounts, whose contacts were then stolen to facilitate an e-mail spam scheme,” McCord said.
Although Belan was arrested in Europe in June 2013 related to the earlier charges against him, he escaped to Russia before being extradited to the U.S., according to the Department of Justice.
Despite being put on Red Notice through Interpol, FSB officers and defendants Dmitry Dokuchaev and Igor Sushchin allegedly “protected, directed, facilitated and paid” Belan and another hacker, Karim Baratov, a resident of Canada and Kazakh, to hack Yahoo and other targeted accounts.
During the alleged conspiracy, Dokuchaev and Sushchin also purportedly aided Belan’s “other criminal activities” by keeping him apprised of intelligence information and helped him avoid detection by U.S. and non-Russian law enforcement.
As of Wednesday afternoon, only Baratov has been arrested.
For More on Data Breaches, See: