29-year-old man’s arrest linked to 2012 professional social network security breach that saw over 150,000,000 user’s details being stolen.

A Russian man has been charged with hacking and stealing information from computers at LinkedIn and other San Francisco Bay Area companies

phishing linkedin

The US attorney’s office in San Francisco has announced that 29-year-old Yevgeniy Aleksandrovich Nikulin, of Moscow, Russia, was indicted by a grand jury, on multiple charges including computer intrusion and aggravated identity theft.

US prosecutors say that Nikulin was responsible for using a LinkedIn employee’s credentials to access the company’s network in 2012. The Russian national has also been charged with the hack of two other Bay area companies, Formspring, and the more well-known Dropbox. He is also charged with conspiring to sell stolen user names, passwords and email addresses.

Judging from media reports however, it seems that Nikulin is not solely responsible for the hacks. The indictment also lists several as yet unnamed co-conspirators as being responsible with the distribution of the hacked data. Nikulin’s primary form of communication with the others has reportedly been through Gmail.

LinkedIn was hacked in 2012 and at the time, only 6.5 million accounts were believed to have been accessed. But a database emerged earlier this year on the dark web that included the details of 167 million LinkedIn accounts, and roughly 117 million passwords. The incident has proved to be embarrassing for LinkedIn.

Nikulin was arrested in the Czech Republic on the 5th October, and is still there awaiting an extradition hearing to the US. For its part, Russian officials have said they are working to prevent his extradition to the United States.

LinkedIn said in a statement that it appreciated the FBI’s ongoing work to “pursue those responsible for the 2012 breach of LinkedIn member information”.

If extradited to stand trial in the US, Nikulin faces a maximum sentence of over 30 years in jail if found guilty.