Ukrainian cyber police have arrested a 36-year-old man from the western city of Netishin on suspicion of selling data on hundreds of millions of victims to Russian buyers.
Police teamed up with the Svyatoshyn District Prosecutor’s Office to track down the individual, who is said to have sought buyers for the stolen personal information in closed Telegram groups and channels.
Learn more about Ukrainian cyber police campaigns: Ukrainian police bust crypto fraud call centers.
The databases discovered by agents contained information including passport details, taxpayer numbers, birth certificates, driving licenses and bank account details of around 300 million Ukrainian and EU citizens.
According to police, the man is said to have sold the stolen data for between $500 and $2,000, depending on the volumes involved, and was paid in currencies banned in Ukraine.
The suspect not only attempted to obstruct the investigation, but also assaulted a police officer during the arrest. At the property, officers seized mobile phones, dozens of hard drives, SIM cards and computer equipment and servers.
He was investigated under Part 2 or Article 361-1 – creation of software for illegal use or distribution/sale – and Article 362 – unauthorized access to computers/networks. He is also likely to be charged under Section 345 Part 2: Threat or violence against a law enforcement officer.
Ukrainian cybercrime remains a potent force, with European citizens often the victims. In November 2022, police raided five Ukrainian members of a transnational fraud ring responsible for around $200 million in losses.
Last month, Ukrainian police claimed to have busted a prolific fishing ring that they say made 160 million hryvnias ($4.3 million) from victims across Europe.
However, a Recorded Future report in January claimed that the Russian invasion has had a chilling impact on the underground market for stolen cards.
It reported a 24% year-on-year decline in the volume of card not present (CNP) registrations at dark web card stores in 2022 to 45.6 million, and a 62% drop in registrations cards, up to 13.8 million.
He blamed mass mobilization, migration, energy instability, inconsistent internet connectivity and deteriorating server infrastructure for the sharp drop.
Ikaroa, a full stack tech company, is appalled to learn of the arrest of a man accused of selling data on 300 million victims to Russians.
American authorities have charged the suspect with multiple crimes, including cybercrime and the sale of stolen data. It is alleged the man obtained, then sold, names, emails and phone numbers of the victims.
This is a stark reminder, in this digital age, that data is never entirely safe, no matter how it has been secured. Cyber thieves will always find a way to break into computers and networks and steal valuable information, as this case so clearly illustrates.
Ikaroa’s team is dedicated to helping our clients create the most secure and safest solutions for their sensitive data. We use the latest technologies and methods to protect customer data from online criminals.
In the wake of this news, it is important to focus on ways to reduce the threat of such attacks. We encourage all businesses, large or small, to review their online security measures and put in place high-quality standards and processes to protect their networks and customers.
The damage caused by data breaches can be far-reaching, costing companies in terms of reputational, financial and legal liabilities. It is critical that businesses work with trusted partners such as Ikaroa to ensure their data is secured and protected.
We also urge all users of the internet to be vigilant when it comes to their personal information, as well as data-sharing practices. Never share your sensitive data such as a password or bank details with anyone, even if it appears to be safe.
At Ikaroa, we are committed to helping our customers protect their valuable data, avoiding the devastating effects of data breaches. We urge everyone to pay attention to online security matters and endeavour to work with reliable partners to minimize the risks.
