The US Department of Justice announced today the indictment of four people for their alleged roles in the 2014 Yahoo cyberattack that compromised an estimated 500 million accounts.
The indictments target two members of the Russian intelligence agency FSB and two hackers allegedly hired by the Russians. The charges are historic, according to the Washington Post, which reports that they mark the first US cybercrime charges ever against Russian government officials. The charges also represent the largest hacking case ever brought by the United States, according to the Post.
The Justice Department identified three Russian nationals and residents in the charges: Dmitry Aleksandrovich Dokuchaev, Igor Anatolyevich Sushchin, and Alexsey Belan. The DOJ also identified defendant Karim Baratov, who is a resident of Canada and was arrested yesterday evening.
The charges span a wide range of cybercrimes, including hacking, wire fraud, economic espionage, and trade secret theft. Data stolen from Yahoo was also allegedly used to access accounts of US and Russian government officials and private-sector employees.
The DOJ elaborated on the hacks in a statement:
The defendants used unauthorized access to Yahoo’s systems to steal information from about at least 500 million Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials and private-sector employees of financial, transportation and other companies. One of the defendants also exploited his access to Yahoo’s network for his personal financial gain, by searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.
Yahoo was breached at least twice in the last five years and previously said in a statement that the 2014 hack was “state-sponsored,” but stopped short of identifying who it believed was behind the attacks.
The company said that hackers scooped up users’ names, email addresses, scrambled passwords, and dates of birth. The data could potentially be used by cybercriminals to go after more sensitive personal information, such as financial or banking information.
In addition to the 2014 cyberattack, there was a larger hack that affected more than one billion Yahoo accounts, according to a disclosure made by the company in December of last year. Yahoo CEO Marissa Mayer recently gave up her bonus and equity grant because of the breaches.
In May 2016, YahooMail was forbidden by the House of Representatives because it was prone to being hacked. According to an email sent in April 2016 by the House’s Technology Service Desk, there was an increase in ransomware attacks made to Yahoo accounts. In response to the attacks, the House’s IT desk blocked access to YahooMail “until further notice.”