A Russian national Yevgeniy Nikulin has been found guilty by a San Francisco jury of hacking LinkedIn and Dropbox in 2012. The hack, which resulted in the theft of 117 million usernames and passwords were placed on Russian-Language forums.
Per Cyberscoop, Nikulin was found guilty by the jury after only a few hours of deliberation, coming eight years after the crime was committed.
“Nikulin’s conviction is a direct threat to would-be hackers, wherever they may be,” U.S. Attorney David Anderson said in a statement per Cyberscoop. “Computer hacking is not just a crime, it is a direct threat to the security and privacy of Americans. American law enforcement will respond to that threat regardless of where it originates.”
The 32-year old Russian was arrested four years ago by authorities in the Czech Republic as part of an FBI operation. While in custody, the Czech authorities weighed on the extradition request from the US and Russia.
The San Francisco court has fixed sentencing for September 29 where he faces up to 10 years in prison for each count of selling stolen logins and installing malware, as well as five years for each count of hacking and conspiracy.
In 2016, the BBC reported that a hacker was trying to sell a database dump containing account records for 167 million users. The hacker made the announcement on a black market website called TheRealDeal. The hacker reportedly wanted 5 bitcoins or around $2,200 in exchange for the data set.
Have I been pwned? is a website that allows you to check if you were affected by known data leaks—and its owner believed that the chances the hacker’s claim was legitimate could be real after all. The creator of the website Troy Hunt reportedly had access to around 1 million records from the said data set.
In 2012, LinkedIn had to reset some accounts that were breached—and the 2016 leak may not be unconnected with that because the company only dealt with affected accounts. The company announced at that time that it had reset all accounts it thought had been endangered.
According to the administrator of a data leak indexing website LeakedSource, who is in possession of a copy of the data set; the records were sourced from the 2012 LinkedIn breach.
“Passwords were stored in SHA1 with no salting,” the LeakedSource administrators said in a blog post. “This is not what internet standards propose. Only 117m accounts have passwords and we suspect the remaining users registered using FaceBook or some similarity.”
A 2012 data breach affected 6.5 million LinkedIn users whose records and password hashes were posted online. There is a possibility that the 2012 data breach was actually larger than what was reported.