The United States announced charges Wednesday against two Russian intelligence officers and two hackers, accusing them of a mega data breach at Yahoo that affected at least a half billion user accounts.
The hack targeted the email accounts of Russian and U.S. officials, Russian journalists, and employees of financial services and other businesses, officials said.
“We will not allow individuals, groups, nation states or a combination of them to compromise the privacy of our citizens, the economic interests of our companies, or the security of our country,” said Acting Assistant Attorney General Mary McCord.
One of the defendants has been taken into custody in Canada, and another is on the list of the FBI’s most wanted cyber criminals.
The charges arise from a compromise of Yahoo user accounts that began at least as early as 2014. Though the Justice Department has previously charged Russian hackers with cybercrime — as well as hackers sponsored by the Chinese and Iranian governments — this is the first criminal case brought against Russian government officials.
The announcement comes as federal authorities investigate Russian interference through hacking in the 2016 presidential election.
— CNN Breaking News (@cnnbrk) March 15, 2017
The Justice Department is expected to announce indictments Wednesday against suspects in a massive hacking attack against Yahoo, Bloomberg News reported Tuesday. Four people face indictments for their involvement in the online security breaches, which saw hundreds of millions of user accounts compromised. Three of the suspects live in Russia, and the fourth resides in Canada, Bloomberg reported, citing an anonymous source familiar with the situation. U.S. authorities were expected to arrest the suspect in Canada as early as Tuesday. It was not immediately clear which data breach the suspects were accused of involvement in. Yahoo has suffered a series of hacking attacks in recent years, with hackers stealing users’ personal data in a 2013 breach and 500 million user accounts compromised in 2014. The breaches—and the company’s delay in disclosing them—prompted a $350 million price reduction in the company’s sale of its web operations to Verizon Communications.