US jury finds Russian hacker guilty of LinkedIn and Dropbox hacks

A US court found Russian Evgeny Nikulin guilty of the LinkedIn and Dropbox hacks in 2012, exposing the data of 117 million and 69 million users respectively.

The Russian has also been found guilty of selling Formspring data. That company was also hacked in 2012, resulting in the theft of data from 420,000 users. The Russian was arrested in the Czech Republic in 2016, after which a tug of war broke out between Russia and the US: both countries wanted to have him extradited. Russia drew the short straw.

A penalty has not yet been determined; which follows on September 29. He can be sentenced to ten years in prison for each case of theft of login data. He can get five years per case for installing malware on other people’s computers and two years for identity theft. That writes Bloomberg.

The Russian offered the LinkedIn data for 5 bitcoin, about 2000 euros at the time. How much was requested for the Dropbox database is unknown. Dropbox was also entered on the basis of a reused password of an employee, which appeared in the leaked data from LinkedIn. The hacks took place in 2012, but only came to light in 2016.