Coindesk Logo

Ukraine Arrests Hacker Accused of Selling Personal Data, Crypto Wallet Info

Ukraine Arrests Hacker Accused of Selling Personal Data, Crypto Wallet Info

Ukraine Arrests Hacker Accused of Selling Personal Data, Crypto Wallet Info

Ukrainian police have arrested a hacker who allegedly sold 773 million email addresses, along with passwords, bank PIN codes and cryptocurrency wallets.

Ukrainian police have arrested a hacker who allegedly sold 773 million email addresses, along with passwords, bank PIN codes and cryptocurrency wallets.

Ukrainian police have arrested a hacker who allegedly sold 773 million email addresses, along with passwords, bank PIN codes and cryptocurrency wallets.

AccessTimeIconMay 19, 2020, 5:35 PM
Updated Aug 19, 2021, 2:08 AM

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

A national law enforcement agency in Ukraine has detained a hacker it claims is responsible for the country's largest known theft of personal data, cryptocurrency wallets and other information.

The Security Service of Ukraine (SSU) reported detaining a hacker, known as Sanix, allegedly for selling a database with 773 million email addresses and 21 million unique passwords on various online forums in recent years.

In addition to email logins and passwords, the database contained “PIN codes for bank cards, e-wallets of cryptocurrencies, PayPal accounts, information about computers hacked for further use in botnets and for organizing DDoS attacks,” the SSU said in its press release.  The stolen data belonged to people from different countries, including the European Union and the U.S., the agency claimed.

The agency seized "computer equipment with two terabytes of stolen information, phones with evidence of illegal activities and cash from illegal transactions," including about $10,000 in Ukrainian hryvnias and U.S. dollars, the release said.

The seizures happened after SSU received a tip that Sanix is “probably a Ukrainian, a resident of [the] Ivano-Frankivsk region" and searched his home.

Sanix now faces criminal charges for unauthorized interference with computers and unauthorized sale or dissemination of information with limited access. According to the Ukrainian criminal code, a combination of these two can lead up to eight years of prison time. 

The breach was first reported in January 2019 by cybersecurity researcher Troy Hunt. Wired called it “a breach of breaches,” saying the 87-gigabyte database “claims to aggregate over 2,000 leaked databases that contain passwords whose protective hashing has been cracked.” 

The first batch of stolen data had been followed by several more “collections,” offered by Sanix as well as another hacker named Oxa, Forbes wrote at the time. The hackers offered “lifetime” access to the databases for modest amounts from $45 to $65. 

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.