A national law enforcement agency in Ukraine has detained a hacker it claims is responsible for the country’s largest known theft of personal data, cryptocurrency wallets and other information.
The Security Service of Ukraine (SSU) reported detaining a hacker, known as Sanix, allegedly for selling a database with 773 million email addresses and 21 million unique passwords on various online forums in recent years.
In addition to email logins and passwords, the database contained “PIN codes for bank cards, e-wallets of cryptocurrencies, PayPal accounts, information about computers hacked for further use in botnets and for organizing DDoS attacks,” the SSU said in its press release. The stolen data belonged to people from different countries, including the European Union and the U.S., the agency claimed.
The agency seized “computer equipment with two terabytes of stolen information, phones with evidence of illegal activities and cash from illegal transactions,” including about $10,000 in Ukrainian hryvnias and U.S. dollars, the release said.
The seizures happened after SSU received a tip that Sanix is “probably a Ukrainian, a resident of [the] Ivano-Frankivsk region” and searched his home.
Sanix now faces criminal charges for unauthorized interference with computers and unauthorized sale or dissemination of information with limited access. According to the Ukrainian criminal code, a combination of these two can lead up to eight years of prison time.
The breach was first reported in January 2019 by cybersecurity researcher Troy Hunt. Wired called it “a breach of breaches,” saying the 87-gigabyte database “claims to aggregate over 2,000 leaked databases that contain passwords whose protective hashing has been cracked.”
The first batch of stolen data had been followed by several more “collections,” offered by Sanix as well as another hacker named Oxa, Forbes wrote at the time. The hackers offered “lifetime” access to the databases for modest amounts from $45 to $65.