On Wednesday morning, the Department of Justice announced four indictments related to the 2014 hack of Yahoo Mail, including two individuals of Russia’s Foreign Security Bureau (FSB).
The case of United States v. Dmitry Dokuchaev, et al., filed in the Northern District of California, is the conclusion of the FBI investigation into one of the largest data breaches on record. In 2014, Yahoo’s network was improperly accessed by the four defendants, and the stolen information was then used to access other online accounts, including Google and Hotmail.
“Cyber crime poses a significant threat to our nation’s security and prosperity, and this is one of the largest data breaches in history,” said Attorney General Sessions in a press release. “But thanks to the tireless efforts of U.S. prosecutors and investigators, as well as our Canadian partners, today we have identified four individuals, including two Russian FSB officers, responsible for unauthorized access to millions of users’ accounts. The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law.”
One of the defendants, Alexsey Belan, was on the FBI’s Most Wanted list before the hack, but successfully escaped to Russia to evade capture. The criminal complaint alleges Dokuchaev and Igor Sushchin, both working for the FSB, used Belan to hack Yahoo’s network and obtain “at least a portion of” the Yahoo user database. While passwords were not included in this database, the hackers were able to replicate user cookies which would grant access to the accounts.
Using this information, the FSB was able to target Russian journalists and government officials, as well as Russian companies they wished to exploit. Additionally, American financial services were targeted, as well as members of the U.S. government. The data was used to steal gift card and credit card information, and possibly redirect Yahoo’s search traffic to spam sites.
The hackers were not acting alone in their capacity as FSB agents, a spokesman for the Department of Justice said. “This strains our relationship with the FSB,” FBI assistant director Paul Abbate said.
The hack began in mid-2014, and was first revealed to the public in September 2016, at which point the hackers lost access to Yahoo’s network. However, the criminal complaint alleges the data was used through December 2016.
The fourth defendant, Karim Baratov, was arrested in Canada on March 14 as a co-conspirator. The remaining three are still at large.