Russian hacker, 37, is sentenced to 12 years in prison for stealing data from 100MILLION U.S. consumers and over a dozen companies – using a computer network from his Moscow home that spanned five continents
- Andrei Tyurin, 37, was sentenced after pleading guilty in September 2019 to computer intrusion, wire fraud, bank fraud and illegal online gambling offenses
- In addition to the prison sentence, Tyurin has to serve three years of supervised release and has to pay a $19,214,956 forfeiture
- Tyurin has been in U.S. custody since he was extradited from the country of Georgia in September 2018.
- Prosecutors say Tyurin helped steal the personal data of more than 80 million customers from JP Morgan Chase alone
- Other customer data was also breached from E*Trade Scottrade and the Wall Street Journal, among other victim companies.
- Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein were named as co- conspirators in the investigation
A prolific Russian hacker who stole data from over a dozen U.S. companies and information about more than 100 million U.S. consumers was sentenced Thursday to 12 years in prison after admitting involvement in one of the biggest thefts of consumer data from a U.S. financial institution.
Andrei Tyurin, 37, was sentenced in Manhattan federal court after pleading guilty in September 2019 to computer intrusion, wire fraud, bank fraud and illegal online gambling offenses.
In addition to the prison sentence, Tyurin has to serve three years of supervised release and has to pay a $19,214,956 forfeiture. Tyurin has been in U.S. custody since he was extradited from Georgia in September 2018.
Prosecutors say Tyurin helped steal the personal data of more than 80 million customers from JP Morgan Chase alone.
Other customer data was also breached from E*Trade Scottrade and the Wall Street Journal, among other victim companies.
Prosecutors say Andrei Tyurin, 37, helped steal the personal data of more than 80 million customers from JP Morgan Chase alone
They said Tyurin targeted financial institutions, brokerage firms and financial news publishers including the Wall Street Journal in the United States from 2012 to mid-2015, getting the personal information of more than 100 million customers of the companies.
Tyurin operated from his Moscow home, collecting over $19 million as he utilized a computer infrastructure across five continents, authorities said in a release from the U.S. Attorney’s Office in the Southern District of New York.
In addition to the financial sector, Tyurin also committed cyberattacks against multiple U.S. and foreign companies from 2007 to mid-2015. Tyurin is said to have ‘used computer infrastructure located across five continents,’ which he ran from his home in Moscow
Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein were named as co- conspirators in the investigation and charged ‘in furtherance of securities market manipulation, illegal online gambling, and payment processing fraud schemes.
Other customer data was also breached from E*Trade Scottrade and the Wall Street Journal, among other victim companies
In a release, Acting U.S. Attorney Audrey Strauss said Tyurin ‘played a major role in orchestrating and facilitating an international hacking campaign that included one of the largest thefts of U.S. customer data from a single financial institution in history.’
‘Tyurin engaged in these crimes at the direction of his partner Gery Shalon, and in furtherance of other criminal schemes overseen and operated by Shalon and his co-conspirators, including securities fraud schemes in the United States,’ the release states.
‘For example, in an effort to artificially inflate the price of certain stocks publicly traded in the U.S., Shalon and his co-conspirators marketed the stocks in a deceptive and misleading manner to customers of the victim companies whose contact information Tyurin stole in the intrusions.’
In court papers, Tyurin’s lawyer, Florian Miedel, wrote that Tyurin only pocketed about $5 million because the rest was only promised by a co-conspirator who relied on Tyurin to get names and contact information so he could recruit customers for his illegal online gambling business.
Gery Shalon (pictured), Joshua Samuel Aaron and Ziv Orenstein were named as co- conspirators in the investigation and charged ‘in furtherance of securities market manipulation, illegal online gambling, and payment processing fraud schemes
Ziv Orenstein is pictured center
Miedel requested leniency for his client, saying Tyurin never stole money through his hacking.
In a letter to the judge, Tyurin said he was ‘terribly ashamed’ of the personal information he stole and believed he had ‘chosen a wrong path in life.’
He also wrote that he has changed since a daughter he can no longer see was born four years ago.
A FBI wanted poster for Joshua Samuel Aaron who was captured
In court papers, prosecutors wrote that as investigators closed in on Tyurin and the co-conspirator with the online gambling business, Tyurin and his accomplice ‘were fundamentally driven by pragmatic considerations regarding the risk of their detection and ultimately their apprehension, rather than concerns regarding relative moral culpability of their use of the stolen data.’
They urged a stiff sentence, citing the difficulty of apprehending someone who operates a half a world away.
‘As a result of the significant resources required to mount a successful hacking prosecution, convictions are relatively rare. Consequently, the importance of affording general deterrence through meaningful sentences is particularly acute in criminal hacking cases,’ according to a sentencing submission signed by Assistant U.S. Attorney Eun Young Choi.
Tyurin has been in U.S. custody since he was extradited from the country of Georgia in September 2018. He will be deported once he serves his sentence.
U.S. District Judge Laura Taylor Swain ordered him to forfeit his profits. Restitution was to be determined at a later date.
Source: Read Full Article