You will be redirected back to your article in seconds

Russian Spies and Conspirators Hacked Yahoo in 2014, DOJ Charges

Four foreign nationals indicted for allegedly stealing data on at least 500 million Yahoo user accounts

The U.S. Department of Justice said Wednesday that four foreign nationals — including two officers of the Russian Federal Security Service — were indicted for computer hacking, economic espionage and other crimes in connection with a massive attack and theft of data from Yahoo’s network in 2014.

A grand jury in Northern California indicted four defendants, the DOJ said. Those included two agents of Russia’s Federal Security Service, known as FSB: Dmitry Aleksandrovich Dokuchaev, 33, a Russian national and resident; Igor Anatolyevich Sushchin, 43, a Russian national and resident. Authorities allege they conspired with two hackers on the Yahoo attack: Alexsey Alexseyevich Belan (aka “Magg,”), 29, a Russian national and resident; and Karim Baratov (aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov”), 22, a Canadian and Kazakh national and a resident of Canada.

Yahoo’s disclosure of two massive user-data breaches that occurred in 2013 and 2014 threatened to derail the Verizon acquisition of the internet company’s web businesses. Verizon and Yahoo agreed to shave $350 million from the purchase price for Yahoo’s internet businesses, to about $4.48 billion, because of the hacks; Verizon CEO Lowell McAdam had originally sought to reduce the deal price by $925 million, according to a Yahoo SEC filing this week.

The four individuals lost their access to Yahoo’s networks in September 2016, but they continued to used data stolen from the company through at least December 2016, the DOJ said. According to the indictment’s allegations, two Russian spies — Dokuchaev and Sushchin — “protected, directed, facilitated and paid” criminal hackers to collect information through computer intrusions in the U.S. and elsewhere. In the case of the Yahoo attack, the two FSB agents worked with Belan and Baratov to obtain access to the email accounts of thousands of individuals, the DOJ said.

“The indictment unequivocally shows the attacks on Yahoo were state-sponsored,” Chris Madsen, Yahoo’s assistant general counsel and head of global law enforcement, said in a statement. “We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible.”

When Yahoo disclosed the 2014 attack last September, it said at the time that the stolen user-account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and in some cases encrypted or unencrypted security questions and answers.

Earlier this month, Yahoo general counsel Ron Bell resigned after a board inquiry faulted the company’s legal team with not sufficiently pursuing the 2014 breach. The board also withheld CEO Marissa Mayer’s 2016 bonus and Mayer agreed to forgo any 2017 equity compensation.

According to the DOJ, the four defendants were behind the 2014 attack. All together, they face 47 criminal counts, including conspiring to commit computer fraud and abuse. Beginning in January 2014, the feds charged, the individuals used unauthorized access to Yahoo’s systems to steal information from about at least 500 million Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other web email providers, including accounts of Russian journalists, U.S. and Russian government officials, and private-sector employees of financial, transportation and other companies.

In addition, one of the defendants — Belan — also exploited his access to Yahoo’s network “for his personal financial gain,” the DOJ said, by searching Yahoo user communications for credit-card and gift-card account numbers. According to authorities, Belan also redirected a subset of Yahoo search-engine traffic to earn commissions, and gained access to more than 30 million accounts whose contacts were then stolen to facilitate a spam campaign.

“Cybercrime poses a significant threat to our nation’s security and prosperity, and this is one of the largest data breaches in history,” Attorney General Jeff Sessions said in a statement. “But thanks to the tireless efforts of U.S. prosecutors and investigators, as well as our Canadian partners, today we have identified four individuals, including two Russian FSB officers, responsible for unauthorized access to millions of users’ accounts. The United States will vigorously investigate and prosecute the people behind such attacks to the fullest extent of the law.”

On March 14, Baratov was arrested in Canada and his case is now pending with the Canadian authorities, the DOJ said. Belan — who has previously been publicly indicted and was named one of FBI’s Cyber Most Wanted criminals in November 2013 — was arrested in Europe on a request from the U.S. in June 2013, but he was able to escape to Russia before he could be extradited. The DOJ did not indicate the whereabouts of the two FSB officers, Dokuchaev and Sushchin, indicted in the Yahoo case.

Popular on Variety

More Digital

  • Elite Season 2

    San Sebastian: Spain’s SVOD Players Debate Competition, Brand, Talent

    SAN SEBASTIAN  — Executives from HBO, Netflix, Amazon and Movistar+ and “Elite” co-creator Darío Madrona took to the stage to field questions on the Global Impact of Spanish Series. Here, briefly, are five takeaways: 1.Spain First “La Casa de Papel” was watched by 34,355,956 Netflix accounts over its first seven days,  after a July 19 [...]

  • Tinder - Swipe Night

    Tinder's Apocalyptic 'Swipe Night' Interactive Dating Show Sets Release Date

    Tinder next month will bow its first original entertainment content — “Swipe Night,” an interactive adventure series in which viewers are forced to make dating choices on humanity’s last night on Earth. Variety previously reported details of the location-based social network/dating app service’s foray into original content, which recently wrapped production in Mexico City and [...]

  • Editorial Use onlyMandatory Credit: Photo by

    YouTube Rolls Back Verification Changes, Says Verified Creators Can Keep Their Badge

    A day after announcing significant changes to its verification program, YouTube announced Friday afternoon that it won’t be de-verifying existing creators after all. “We heard loud and clear how much the badge means to you,” said YouTube product manager Jonathan McPhie in a blog post. “Channels that already have the verification badge will now keep it [...]

  • BLive: BitTorrent Live Streaming App to

    BitTorrent to Launch Public Beta of New Live Streaming App

    BitTorrent is getting ready to open the floodgates for its new live streaming app, dubbed BitTorrent Live: The company plans to launch a BitTorrent Live Android app on various app stores as part of a public beta test late Friday, according to a spokesperson. BitTorrent Live, which is also known as BLive, is being described [...]

  • Netflix - Apple TV

    Netflix Stock Drops After CEO Acknowledges 'Tough Competition' Coming From Disney, Apple

    Netflix shares fell as much as 7% Friday to a nine-month low, coming after CEO Reed Hastings commented that the November launches of Disney Plus and Apple TV Plus will introduce a “whole new world” of competition. Hastings, speaking at the Royal Television Society conference Friday in Cambridge, England, said, “While we’ve been competing with [...]

  • Facebook

    Facebook Suspends Tens of Thousands of Apps During Privacy Investigation

    Facebook has suspended tens of thousands of apps ever since it began investigating potential privacy abuses, the company said Friday. The apps in question had been built by around 400 developers, and a suspension doesn’t necessarily indicate actual privacy violations. Facebook began combing through millions of apps that made use of its platform after the [...]

  • tivo logo

    Tivo Plans to Launch Android TV Dongle, Tivo+ Curation App

    DVR maker Tivo is getting ready to release a new device that may not record television at all: The company plans to launch a $50 Roku-like TV dongle early next year, its new CEO Dave Shull revealed in a conversation with CNN this week. The new device will be powered by Google’s Android TV platform, [...]

More From Our Brands

Access exclusive content