Vladimir Drinkman, a 34-year-old hacker who hails from Syktyvkar, Russia and Moscow, confessed to committing cybercrimes before a New Jersey federal court on Tuesday.
His felonies, which cost businesses hundreds of millions of dollars in losses, involved breaching the corporate networks of major organizations such as Nasdaq (NDAQ), Dow Jones, JCP (JCP), Heartland Payment Systems (HPY), and JetBlue (JBLU), among at least a dozen others, according to a Department of Justice announcement.
The statement labels the hacking campaign, which compromised more than 160 million credit card numbers since the mid ’00s, “the largest such scheme ever prosecuted in the United States.”
According to the investigation, Drinkman worked with four accomplices—three Russians and a Ukrainian—to hack into these networks, mine them for valuable data, store the loot on an anonymous web-hosting server, and sell the stolen data. The other defendants named are Alexandr Kalinin (29-years-old, from St. Petersburg), Roman Kotov (34, Moscow), Mikhail Rytikov (28, Odessa) and Dmitriy Smilianets (32, Moscow).
While Drinkman and Smilianets were apprehended during a visit to the Netherlands in June 2012, the others remain at large. Smilianets is currently in the U.S.’s custody and faces other charges in New York, according to the statement.
“This hacking ring’s widespread attacks on American companies caused serious harm and more than $300 million in losses to people and businesses in the United States,” said Assistant Attorney General Leslie R. Caldwell of the Justice Department’s criminal division. “As demonstrated by today’s conviction, our close cooperation with our international partners makes it more likely every day that we will find and bring to justice cyber criminals who attack America—wherever in the world they may be.”
Drinkman, who originally plead not guilty, had been previously charged in the 2009 case against 34-year-old Albert Gonzalez, a resident of Miami, Fl., who is currently serving 20 years in prison for his part in the Heartland breach. That incident, which resulted in more than 130 million lost credit card numbers, was the largest ever corporate cybertheft reported at the time.
For more on hacking, watch this video below.