32-year-old Russian hacker Yevgeniy Alexandrovich Nikulin has been sentenced to 88 months in prison in the U.S. for hacking into LinkedIn, Dropbox, and now-defunct social-networking company Formspring in early 2012.
Nikulin was arrested in October 2016 while traveling in the Czech Republic and was extradited to the United States in March 2018 to face trial for hacking into computers owned by LinkedIn, Dropbox, and Formspring and stealing the login credentials of hundreds of millions of users.
Nikulin is a Russian national and was based in Moscow when he carried out the cyber crimes. He initially hacked into the computer of a LinkedIn employee, installed malware into the hijacked machine, and used the employee’s stolen credentials to log in to LinkedIn’s corporate VPN.
Once inside LinkedIn’s corporate network, Nikulin stole a database containing the login information, including encrypted passwords, of over 117 million LinkedIn users. He used a similar tactic to steal the login credentials of over 68 million Dropbox users as well as the credentials of an unknown number of Formspring users.
According to the U.S. Department of Justice, Nikulin also infiltrated the network of Automattic, the parent company of WordPress.com, but there is no evidence to confirm whether he was able to steal any data from the company.
Nikulin stole private log-in details of 1,000 British MPs and parliamentary staff
The LinkedIn data breach, which involved Nikulin stealing the login credentials of over 117 million users, also compromised ‘private log-in details of 1,000 British MPs and parliamentary staff, 7,000 police employees and more than 1,000 Foreign Office officials’ in the UK.
These details were part of a large cache of data obtained from Russian-speaking hacking websites in 2017 that also contained 2,944 hacked email addresses and passwords belonging to officials at the Department for Work and Pensions, 1,442 belonging to officials at the Department of Health, 1,392 belonging to officials at the Foreign & Commonwealth Office and 938 hacked email addresses and passwords belonging to officials at the Ministry of Justice.
After the existence of the data dump was reported by The Times, the National Cyber Security Centre said it was advising LinkedIn users to change their passwords immediately, close their accounts if they are not using the service, and not use the same passwords for both personal and work accounts. Affected users have also been asked to use multi-factor authentication to make it more difficult for Russian hackers.