Canadian-Kazakh national arrested in Ontario over massive Yahoo breach
A Canadian man of Kazakh origins has been arrested in Ontario as one of four suspects in a massive hack of Yahoo that targeted American government officials and others, authorities said Wednesday.
Karim Baratov, 22, was taken into custody in Ancaster, Ont., on Tuesday morning at the request of American authorities, a Toronto police spokesman said.
“Our job was to locate and arrest one of the people,” Mark Pugash told The Canadian Press. “We did that safely without incident.”
In a release, the U.S. Department of Justice said a grand jury in California has indicted Baratov and three others, two of them allegedly officers of the Russian Federal Security Service, for computer hacking, economic espionage and other criminal offences.
According to the department, the four are alleged to have hacked into Yahoo's systems and stolen information from more than 500 million user accounts.
“(They) then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials, and private-sector employees of financial, transportation and other companies,” the department alleged.
“One of the defendants also exploited his access to Yahoo's network for his personal financial gain, by searching user communications for credit-card and gift-card account numbers.”
Toronto officers were involved because its fugitive squad has a strong reputation, Pugash said. He could offer no further information about Baratov but said the suspect had been turned over to the RCMP.
“This was a very large operation,” Pugash said. “Our job was that final part of it, which was to locate and arrest him.”
Mountie spokesman Sgt. Harold Pfleiderer said the RCMP assisted the FBI in its investigation.
U.S. officials said Baratov also went by the names Kay, Karim Taloverov and Karim Akehmet Tokbergenov.
Mike Le, owner of All In Detailings in Mississauga, Ont., called Baratov an exotic car buff who had referenced doing some “computer geek stuff.” His client was popular and flashy but also reserved about anything personal, Le said.
“All my friends know him too, and none of them know anything about his life,” Le said. “He's very secret about his life.”
Le said he worked on an Aston Martin for Baratov, who he said frequently bought and sold expensive cars.
Baratov's Facebook profile links to a Russian-language company website that offers a “server in Russia with any configuration and unlimited traffic” and “persistent domains in China.”
A neighbour said police were at Baratov's home all day Tuesday, but said he didn't know him personally.
Also indicted in the alleged conspiracy that authorities said began in January 2014 were Dmitry Aleksandrovich Dokuchaev, 33, Igor Anatolyevich Sushchin, 43, and Alexsey Alexseyevich (Magg) Belan, 29, all Russian nationals and residents. Dokuchaev and Sushchin were said to be Russian intelligence agents who allegedly masterminded and directed the hacking, the department said.
Dokuchaev and Sushchin allegedly tasked Baratov with hacking more than 80 accounts in exchange for commissions, according to the U.S. authorities, who submitted a provisional arrest warrant to Canadian authorities March 7.
The charges against the four were announced by top American justice and security officials, including Attorney General Jeff Sessions and FBI Director James Comey.
“Cyber-crime poses a significant threat to our nation's security and prosperity, and this is one of the largest data breaches in history,” Sessions said in a statement.
Belan, who had previously been indicted in 2012 and 2013, was named one of FBI's most wanted cyber-criminals in November 2013 but escaped to Russia before he could be extradited from Europe, the department said.
Based in Sunnyvale, Calif., Yahoo was already facing a proposed $50-million class action on behalf of Canadians whose personal information may have been stolen. The company informed the representative plaintiff, Natalia Karasik, of Barrie, Ont., late last year that her information was part of a hack of its servers in 2013.
In September, Yahoo sent a mass email to users to inform them that their account information had been stolen from its network in a cyberattack in late 2014. The information included email addresses, telephone numbers, dates of birth, passwords and security questions. The company said at least 500 million user accounts were affected.
Yahoo also faces class actions in the United States.
—with files from Michelle McQuigge in Toronto<