DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Yevgeniy Nikulin convicted of 2012 LinkedIn, Dropbox, Formspring hacks

Posted on July 11, 2020 by Dissent

It took a San Francisco jury six hours to decide once they finally got the case that started in March but was interrupted by the pandemic. Yesterday afternoon, they convicted Yevgeniy Nikulin, 32, of hacking LinkedIn, Dropbox, and Formspring in 2012.

Nikulin, who had pleaded not guilty, is scheduled to be sentenced Sept. 29.

The government was represented in this case by Michelle Kane and Katherine Wawrzyniak. Nikulin was represented by Adam Gasner and Valery Nechay.

Nikulin’s attorney has indicated that there will be an appeal. The defense had tried to raise reasonable doubt by questioning why law enforcement had not investigated another individual — an individual that the prosecution claimed was totally unrelated this case. And while the defense counsel tried to convince the jury that this was a weak case based on circumstantial evidence, I wouldn’t be surprised if members of the jury had been convinced on at least one charge by exhibits showing that Nikulin’s account was linked to an IP address that showed up in a victim’s logs on the relevant date as accessing and downloading more than 3 GB of data over a continuous period of 12 hours.

Catalin Cimpanu has a nice summary of the case’s history and issues on ZDNet, while over on CyberScoop, Jeff Stone provides more background on others accused of being associated with Nikulin and more on Nikulin’s mental health.


Here’s the DOJ’s press release on the conviction:

Yevgeniy Nikulin was convicted today by a federal jury for hacking into LinkedIn, DropBox, and the social networking company formerly known as Formspring, announced United States Attorney David L. Anderson and FBI Special Agent in Charge John L. Bennett.

The jury found that Nikulin hacked into computers belonging to LinkedIn, DropBox and Formspring, damaged computers belonging to LinkedIn and Formspring by installing malware on them, stole the usernames and passwords for employees at LinkedIn and Formspring, and sold and conspired with others to sell the data he stole as a result of his hacks.

Evidence at trial showed that Nikulin, 32, of Russia, was located in Moscow when he hacked into a computer belonging to a Bay Area-based LinkedIn employee and installed malicious software on it, allowing Nikulin to control the computer remotely. Nikulin then used that remote computer as a base to steal LinkedIn users’ login information. Evidence at trial showed that Nikulin was behind similar intrusions at DropBox and at Formspring. According to trial testimony, one of the ways that investigators were able to tie Nikulin to all three incidents was by tracing an IP address from one of the hacks back to his location in Moscow. Nikulin was arrested while traveling in the Czech Republic on October 5, 2016, and extradited to the United States to face trial.

The guilty verdict followed 6 days of trial testimony before the Honorable William H. Alsup, U.S. District Court Judge. The trial initially began in March, but proceedings were suspended after just two days in light of the COVID-19 pandemic and ensuing closure of the federal courthouse. When trial resumed on July 7, 2020, the defendant, the attorneys, and Judge Alsup wore masks, and witnesses testified from behind a glass panel to allow for social distancing requirements.

“Today’s guilty verdicts are the result of our first federal jury trial in San Francisco since the beginning of shelter in place. I am immensely grateful to Judge Alsup for getting this case to trial. Trial by jury is one of the defining features of the American justice system. We need jury trials to administer justice,” said U.S. Attorney Anderson. “Nikulin’s conviction is a warning to would-be hackers, wherever they may be. Computer hacking is not just a crime, it is a direct threat to the security and privacy of Americans. American law enforcement will respond to that threat regardless of where it originates.”

Nikulin, 32, of Moscow, Russia, was indicted by a federal grand jury on October 20, 2016. He was charged with multiple counts of computer hacking, fraud, and identity theft.

Nikulin has been in custody since his extradition from the Czech Republic.

Nikulin’s sentencing hearing is scheduled for September 29, 2020, before Judge Alsup in San Francisco. The maximum statutory penalty for each count of selling stolen usernames and passwords in violation of 18 U.S.C. § 1029(a)(2) and for each count of installing malware on protected computers in violation of 18 U.S.C. § 1030(a)(5) is 10 years, along with a fine of up to $250,000, plus restitution if appropriate. The maximum statutory penalty for each count of conspiracy in violation of 18 U.S.C. § 371 and computer hacking in violation of 18 U.S.C. § 1030(a)(2)(C) is five years, along with a fine of up to $250,000, plus restitution if appropriate. There is also a mandatory two year sentence for any conviction of aggravated identity theft, in violation of 18 U.S.C. § 1028A(1). However, any sentence will be imposed by the court after consideration of the U.S. Sentencing Guidelines and the federal statute governing the imposition of a sentence, 18 U.S.C. § 3553.

Michelle Kane and Katherine Wawrzyniak are the Assistant U.S. Attorneys who are prosecuting the case with the assistance of Helen Yee, Jessica Rodriguez Gonzalez, and Kim Richardson. The prosecution is the result of a four-year investigation by the Federal Bureau of Investigation, with the assistance of authorities in the Czech Republic and the U.S. Secret Service and the U.S. Department of Justice’s Criminal Division, Office of International Affairs.

Category: Business SectorHackOf NoteU.S.

Post navigation

← Was FSB Marketplace Takedown and Arrest of “Flint24” Punishment for Political Misstep?
Google-backed Indian delivery startup Dunzo suffers data breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Department of Justice says Berkeley Research Group data breach may have exposed information on diocesan sex abuse survivors
  • Masimo Manufacturing Facilities Hit by Cyberattack
  • Education giant Pearson hit by cyberattack exposing customer data
  • Star Health hacker claims sending bullets, threats to top executives: Reports
  • Nova Scotia Power hit by cyberattack, critical infrastructure targeted, no outages reported
  • Georgia hospital defeats data-tracking lawsuit
  • 60K BTC Wallets Tied to LockBit Ransomware Gang Leaked
  • UK: Legal Aid Agency hit by cyber security incident
  • Public notice for individuals affected by an information security breach in the Social Services, Health Care and Rescue Services Division of Helsinki
  • PowerSchool paid a hacker’s extortion demand, but now school district clients are being extorted anyway (3)

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • ARC sells airline ticket records to ICE and others
  • Clothing Retailer, Todd Snyder, Inc., Settles CPPA Allegations Regarding California Consumer Privacy Act Violations
  • US Customs and Border Protection Plans to Photograph Everyone Exiting the US by Car
  • Google agrees to pay Texas $1.4 billion data privacy settlement
  • The App Store Freedom Act Compromises User Privacy To Punish Big Tech
  • Florida bill requiring encryption backdoors for social media accounts has failed
  • Apple Siri Eavesdropping Payout Deadline Confirmed—How To Make A Claim

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.