Yahoo Hack: U.S. Charges 4 Alleged Russian Spies and Criminals

The U.S. Justice Department charged four people—three Russians nationals and one Canadian-Kazakh national—on Wednesday morning in connection to a massive data breach at Yahoo (YHOO) in which personal information for more than 500 million accounts was stolen in 2014.

Yahoo disclosed the incident, one of the largest known data breaches, last year. Soon after, the Internet portal revealed that another 1 billion accounts had been compromised in a separate 2013 intrusion.

The combination of thefts led to Verizon (VZN) negotiating a reduced price for its pending acquisition of Yahoo. Eventually, the two sides agreed to trim $350 million from the nearly $5 billion price tag.

Prosecutors indicted two officers within Russia’s FSB, the successor to the Soviet Union’s KGB. They are Dmitry Dokuchaev and Igor Sushchin.

The Center for Information Security at the FSB, also known as “Center 18,” where the pair worked, was supposed to assist U.S. law enforcement in the course of investigations, officials said during a press conference on Wednesday. But instead, FSB staffers “protected, directed, facilitated, and paid criminal hackers” involved the Yahoo breach.

Get Data Sheet, Fortune’s technology newsletter.

The two other men indicted were among the FSB’s mercenaries, according to the U.S. officials: Alexsey Belan, one of the FBI’s most wanted alleged cybercriminals who was previously charged twice for hacking into tech firms in Nevada and California, and Karim Baratov, an alleged Kazakh-born hacker for hire living in Canada.

Toronto police arrested Baratov on Tuesday, a week after the Justice Department issued a provisional warrant for his arrest to Canadian authorities.

Paul Obeid, executive assistant director at the FBI, said that prior requests for the apprehension of Belan had gone unanswered by the Russian government in 2014. (The U.S. and Russia do not have an extradition treaty.) “I think that is reflective of the relationship and the approach needed to take in this case in terms of the lack of cooperation we have gotten,” he said.

In addition to compromising a half billion email accounts, the attackers may have had access to people’s profiles on other Yahoo properties like Tumblr, Flickr, and fantasy sports, as well as non-Yahoo sites where people shared the same passwords. Officials said that stolen credentials were in some cases used to help break into accounts at other email providers, such as Google (GOOG) Gmail.

While the FSB officers allegedly used their Yahoo access mostly for intelligence purposes, like targeting foreign governments, journalists, and employees of financial, transportation, and cybersecurity firms, they also were said to have allowed their co-conspirators to use the data in cybercriminal scams including spamming, U.S. officials said. After two years, the attackers lost access to Yahoo’s networks in September 2016, but stolen data continued to be used until at least through the end of last year, they said.

“Today’s indictments remind us that the political or strategic incentives of breaching such personal email accounts are as real as the obvious financial ones for criminal actors,” said Steve Grobman, Intel (INTC) Security’s chief technology officer, who was not part of the investigation.

Mary McCord, acting assistant attorney general, reiterated the department’s determination to root out criminals during Wednesday’s press conference. “The Department of Justice is continuing to send a powerful message that we will not allow individuals, groups, nation states, or accommodation of them to compromise the privacy of our citizens, the economic interested of our companies, or the security of our country,” she said.

You can read more about the indictment charges on the DOJ’s website.

In recent years, the U.S. has used sanctions and criminal charges as a response to and deterrent from cyber attacks. The government recently charged three Chinese citizens for allegedly hacking U.S. law firms, seven Iranians for breaking into a New York dam, and five members of China’s People’s Liberation Army for stealing intellectual property from U.S. firms. The U.S. also sanctioned members of North Korean regime following a digital attack on Sony Pictures Entertainment (SNE).
Subscribe to Well Adjusted, our newsletter full of simple strategies to work smarter and live better, from the Fortune Well team. Sign up today.

Read More

Artificial IntelligenceCryptocurrencyMetaverseCybersecurityTech Forward