Cyber Security

Russian Arrested By FBI Believed To Be LinkedIn Hacker

Law enforcement is mum about details, though. Could he have hacked other sites too?

Cyber Security
Illustration: Vocativ
Oct 21, 2016 at 6:24 PM ET

Update Friday, Oct. 21, 6:24 pm: The Department of Justice has announced the suspected hacker is Yevgeniy Aleksandrovich Nikulin 29, of Moscow. He stands accused not only of being behind huge LinkedIn hack, but also the Dropbox hack that exposed 68 million usernames and passwords, as well as 28 million accounts from the late social network Formspring.

A Russian wanted in the U.S. for cyber crimes, arrested recently in Prague, is believed to be behind the 2012 “megabreach” of LinkedIn users’ data, the company says.

That breach led to some 117 million LinkedIn users’ usernames and unencrypted or easily decrypted passwords being openly sold on deep web markets. Huge databases from several other sites have been verified and spotted for sale recently, including MySpace and Yahoo. Such transactions in turn led to the rise of people reporting missing money if they used the same username and password across sites.

On Tuesday evening, INTERPOL announced that it had collaborated with the FBI to arrest a Russian hacker believed to have hacked targets in the United States. He had been in the country for roughly 12 hours, the agency said, and had driven in a luxury car with his girlfriend before officers found him in his hotel.

LinkedIn seemed to believe the man was indeed responsible for its 2012 breach. In a statement, it formally thanked the FBI for bringing him to justice. “Following the 2012 breach of LinkedIn member information, we have remained actively involved with the FBI’s case to pursue those responsible,” the company said in a statement. “We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this criminal activity.”

The FBI confirmed the arrest, but declined to identify whether the man was believed to be connected for the LinkedIn hack — or any of the other unsolved major hacks of American tech companies — stressing that its investigation was still ongoing. It deferred questions to the Department of Justice, which declined to provide comment to Vocativ, as the man’s case is still under seal.

A law enforcement official familiar with the arrest did, however, stress to Vocativ that while the man was arrested for alleged criminal hacking, he was not believed to be involved with the June hack of the Democratic National Committee. The U.S. Department of Homeland Security and Director of National Intelligence have identified Russian government hackers as behind that hack, and hacked files from the DNC have slowly leaked out from several blogs believed to be part of that operation, as well as by WikiLeaks.