Service Provider Cloud

US Indictment Says Russian Spies Were Behind Yahoo Hack

The US has indicted four defendants, including two officers of the Russian Federated Security Service (FSB), in the 2014 hack of 500 million Yahoo accounts.

The defendants are Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich Sushchin, both FSB officers, as well as fellow Russian Alexsey Alexseyevich Belan. Also indicted was Karim Baratov, a Canadian and Kazakh national and a resident of Canada. They were charged with computer hacking, economic espionage and other criminal offenses, and indicted by a grand jury in the Northern District of California according to a statement Wednesday by the US Department of Justice.

The defendants used unauthorized access to Yahoo's systems to steal information from at least 500 million Yahoo accounts. They used some of that information to get access to accounts at Yahoo, Google and other webmail providers. Targets included Russian journalists, US and Russian government officials, and private sector employees of financial, transportation and other companies, according to the DoJ statement.

One defendant also exploited his access to Yahoo's network for personal financial gain, according to the DoJ. He searched Yahoo user communications for credit card and gift card account numbers, redirected some Yahoo search traffic so he could earn commissions, and enabled theft of contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.

Dokuchaev and Sushchin, the FSB officer defendants, worked with criminal hackers, including Belan and Baratov. Belan was arrested in Europe in 2013, but escaped to Russia. Dokuchaev and Sushchin put Belan to work on their criminal acts rather than detaining him, the DoJ says. Belan made the FBI's "Cyber Most Wanted" list.

Russian Connection?
Kremlin Regiment, changing of the guard, Moscow Tomb of the Unknown Soldier.  Photo: Andrew Shiva / Wikipedia / CC BY-SA 4.0
Kremlin Regiment, changing of the guard, Moscow Tomb of the Unknown Soldier.
Photo: Andrew Shiva / Wikipedia / CC BY-SA 4.0

The DoJ has more details on the allegations in its statement as well as the indictment.

The indictments come as cyberspace tensions ratchet up between the US and Russia, with the US investigating connections between Russia and an attack on the Democratic National Committee and alleged ties between Russia and President Donald Trump's election campaign.

The charges don't relate to another theft of personal information from 1 billion users fro Yahoo, dating back to 2013, that resulted in significant reduction of the sales price of Yahoo to Verizon. (See Another Hack Announced by Yahoo and Verizon Knocks $350M off the Price of Yahoo.)

In a federal filing this week, Yahoo announced outgoing CEO Marissa Mayer will get $23 million parting pay. (See Yahoo's Marissa Mayer Gets $23M Kiss-Off.)

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Friend me on Facebook Editor, Enterprise Cloud News

danielcawrey 3/21/2017 | 3:07:36 PM
Re: breakdown There's got to be a lot of other companies that have had serious security problems. It seems as though the status quo is to keep quiet - Yahoo did for years. What company wouldn't behave in that way? They have to keep the confidence of consumers and stakeholders - just look at the Verizon-Yahoo deal and the writedown. 
kq4ym 3/21/2017 | 10:21:39 AM
Re: breakdown Yahoo's break will certainly be an interesting case study for future students that's for sure. I wonder how common it is that the alleged culprits in big cases like this seem to disappear or in this case go to countries where it's probably impossible to prosecute them. And then just how are the intelligence agencies involved and to what extent can cover-ups be schemed to prevent getting ultimately to the agents doing the harm and their superiors?
JohnMason 3/17/2017 | 9:50:21 PM
breakdown I wish I could see a breakdown of the breaches of Yahoo's network and the proposed defenses, but I imagine it would be too dangerous for Yahoo right now. Somehow, though, students in schools need to learn how to address these problems. Maybe they are expected to hack it themselves. I hope IT personnel at Yahoo can be tapped for seminars about this someday.
Ariella 3/17/2017 | 2:05:43 PM
Re: Scary @Joe Well, some did come to light even earlier, though nothing quite as dramatic as a revelation of Russian spy hacking.
Joe Stanganelli 3/17/2017 | 12:30:03 PM
Re: Scary @danielcawrey: Moreover, I wonder how much longer we might have been left in the dark were it not for due diligence pursuant to the Verizon buyout.
danielcawrey 3/16/2017 | 4:57:08 PM
Scary These are some pretty scary details. And just imagine - this happened to Yahoo years ago! What breaches are we not being told about as consumers? It doesn't do any good for these companies to disclose these things to people - which makes the problem even worse. 
Sign In