Four men, including two Russian intelligence officers, were charged with participating in a hacking operation that has affected half a billion Yahoo Inc. customers.
The indictment, handed down by a San Francisco federal grand jury on Feb. 28 and unsealed Wednesday, charges Russian Federal Security Service officers Dmitry Aleksandrovich Dokuchaev and Igor Anatolyevich Sushchin of partnering with two hackers to access the contents of accounts at Yahoo, Google and other webmail services. According to the indictment, targets included accounts of Russian journalists as well as U.S. and Russian government officials.
The breaches had far-reaching consequences for Yahoo. More than 40 breach-related lawsuits from customers have been consolidated before U.S. District Judge Lucy Koh of the Northern District of California. Last month Koh tapped John Yanchunis of Morgan & Morgan as lead counsel in the multidistrict litigation. On March 1 the company announced in a securities filing that general counsel Ron Bell resigned without severance after an internal investigation by lawyers at Sidley Austin found that certain Yahoo senior executives and members of its legal team "had sufficient information to warrant substantial further inquiry in 2014" about a breach of the company's networks by a state-sponsored hacker, but "they did not sufficiently pursue it." The company replaced Bell with former Broadcom Corp. general counsel Arthur Chong on March 10. In the wake of the data breach revelations. Yahoo also agreed to drop its asking price by $350 million in its sale to Verizon Communications Inc.
In a blog post Wednesday morning, Yahoo assistant general counsel Chris Madsen said the allegations in the federal indictment are consistent with the company's previous disclosures that information from about 500 million user accounts were compromised and state-sponsored actors had discovered a way to access certain user accounts without passwords. "The indictment unequivocally shows the attacks on Yahoo were state-sponsored," Madsen wrote. "We are deeply grateful to the FBI for investigating these crimes and the DOJ for bringing charges against those responsible."
At a press conference Monday morning, Mary McCord, acting assistant attorney general for DOJ's National Security Division, said the evidence did not show any connection between the Yahoo breach and hacks of email servers belonging to the Democratic National Committee, which are the subject of a separate ongoing investigation.
The two alleged hackers accused of working alongside the Russian agents in the Yahoo case, Alexsey Alexseyevich Belan and Karim Baratov, were also charged in the indictment unsealed Wednesday. Belan, who has been indicted twice before, including once in the Northern District of California, is currently among the FBI's "Cyber Most Wanted" related to charges he hacked three U.S.-based e-commerce companies. Baratov was arrested by Canadian officials on Tuesday.
At Wednesday morning's press conference, Brian Stretch, U.S. attorney for the Northern District of California, encouraged companies that experience cyber breaches to alert government authorities. Stretch said companies that cooperate with the government are better able to determine the scope of the intrusion, the identify of the hackers, and information about what use the hackers make of stolen information.
Assistant U.S. Attorney John Hemann of the Northern District of California worked on the investigation along with National Security Division lawyers Scott McCulloch and Christopher Ott.