U.S. Charges Two Russian Spies for Hacking 500 Million Yahoo Accounts

Two criminal hackers have been charged in the same case after one of them, Karim Baratov, was arrested in Canada on Tuesday.

An illustrative image of a computer hacker.
Igor Stevanovic, Dreamstime

The U.S. government charged on Wednesday two Russian spies and two criminal hackers for allegedly pilfering 500 million Yahoo user accounts in 2014.

The indictments, announced at a news conference in Washington, represent the first time the U.S. government has criminally charged Russian officials for cyber offenses. 

The content of at least 30 million accounts were accessed as part of a spam campaign and that at least 18 people who used other internet service providers, such as Google, were also victimized, the government charged. 

The officers of the FSB, Russia's Federal Security Service, which is a successor to the KGB, were identified as Dmitry Dokuchaev and his superior, Igor Sushchin, the government said. 

Alexsey Belan, who is on the list of most-wanted cyber criminals, and Karim Baratov, who was born in Kazakhstan but has Canadian citizenship, were also named in the indictment. 

The Justice Department said Baratov was arrested in Canada on Tuesday and that his case is now pending with Canadian authorities. 

Belan was arrested in an European country in June 2013 but escaped to Russia before he could be extradited to the United States, according to the Justice Department. 

The 47-count indictment includes conspiracy, computer fraud and abuse, economic espionage, theft of trade secrets, wire fraud, access device fraud and aggravated identify theft. 

The charges are not related to the hacking of Democratic emails that took place during the 2016 U.S. presidential election. Intelligence agencies have said they were carried out by Russia in order to help the campaign of Republican President Donald Trump. 

In September, Yahoo said that at least 500 million of its accounts were hacked in 2014 by what it believed was a state-sponsored actor, a theft that appeared to be the world's biggest known cyber breach by far.

Cyber thieves were believed to have stolen names, email addresses, telephone numbers, dates of birth and encrypted passwords, the company said. But unprotected passwords, payment card data and bank account information did not appear to have been compromised, signaling that some of the most valuable user data was not taken.

The attack on Yahoo was unprecedented in size, more than triple other large attacks on sites such as eBay, and it came to light at a difficult time for Yahoo.

Although the attack happened in 2014, Yahoo only discovered the incursion after August reports of a separate breach. While that report turned out to be false, Yahoo's investigation turned up the 2014 theft, a person familiar with the matter had said.