The latest twist in the Yahoo data breach saga is beginning to resemble the plot of an elaborate spy novel.
The US Department of Justice (DoJ) has indicted two Russian intelligence officers and two hackers over their alleged involvement in the massive Yahoo data breach.
The massive 1bn-account data breach was one of the biggest in history and almost derailed the $3.8bn takeover of Yahoo by Verizon, shaving $350m off the price tag.
The personal details of 1bn Yahoo users were stolen by hackers between 2013 and 2014.
Those indicted were named as Russian intelligence officers Dmitry Dokuchaev and Igor Suchchin (who work for the FSB, the successor to the KGB), Russian individual Alexsey Belan and Canadian man Karim Baratov.
Who are America’s ‘cyber most wanted?’
“Dmitry Dokuchaev and Igor Suchchin, both FSB officers, protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere,” the DoJ said in a statement.
“They worked with co-conspirators Alexsey Belan and Karim Baratov to hack into computers of American companies providing email and internet-related services, to maintain unauthorised access to those computers and to steal information, including information about individual users and the private contents of their accounts. “
The DoJ said that the defendants targeted Yahoo accounts of Russian and US officials, including cybersecurity, diplomatic and military personnel.
They also targeted Russian journalists, employees of internet companies, and employees of financial services companies and other entities.
Belan had been indicted twice before in the US for three intrusions into e-commerce companies and for victimising millions of customers.
He has been one of the FBI’s most wanted cyber-criminals for more than three years.
“Belan’s notorious criminal conduct and a pending Interpol Red Notice did not stop the FSB officers who, instead of detaining him, used him to break into Yahoo’s networks,” the DoJ said.
“Meanwhile, Belan used his relationship with the two FSB officers and his access to Yahoo to commit additional crimes to line his own pockets with money.”
Belan is understood to have used his access to Yahoo to search for and steal financial information such as gift card and credit card numbers from users’ accounts.
He also accessed more than 30m Yahoo accounts to facilitate an elaborate spam scheme.
“With these charges, the Department of Justice is continuing to send the powerful message that we will not allow individuals, groups, nation states or a combination of them to compromise the privacy of our citizens, the economic interests of our companies or the security of our country,” the DoJ said.