In 2014, approximately 76 million JPMorgan Chase customers found out that hackers had accessed the company’s database. Not only had they accessed the database, but they had access for two months. Now, U.S. officials have secured the extradition of the Russian man believed to be responsible – Andrei Tyurin. Tyurin is from Georgia and is being charged with a list of crimes including conspiracy, hacking, identity theft and wire fraud. According to Bloomberg, the arrest was the product of a years-long investigation that authorities said unmasked Tyurin as a major player in a gang of hackers responsible for numerous financial crimes at a number of institutions:
It was the unlikely culmination of a years-long hunt by U.S. authorities, who had closely tracked a hacker they said led cyber breaches of financial firms that fed an array of activities including securities fraud, money laundering, credit-card fraud and fake pharmaceuticals.
Federal authorities in New York laid out most of those details three years ago when describing a breach of a swath of the financial system that created more than 80 million victims. Other targeted companies include Fidelity Investments, Dow Jones & Co., E*Trade Financial Corp. and Scottrade Financial Services Inc.
What the earlier court filings didn’t disclose was the identity of the central hacker—revealed finally in an unsealed indictment on Friday as Tyurin.
Tyurin has pleaded not guilty in this particular case. He reportedly worked with mastermind Gery Shalon in order to steal personal data from JPMorgan and other banks for use in a pump-and-dump stock scheme that may have made hundreds of millions of dollars. Tyurin has been elusive for years. But authorities were unsure if they could get him extradited to the United States in the first place. Russia also wanted him, and many believed that he would never find his way to America. Multiple other suspects have either been convicted or pleaded guilty, although Shalon has yet to face trial and might be cooperating in return for leniency.
Bloomberg also says that Tyurin is a class of Russian hackers tied to intelligence agencies that profit from “criminal hacking, while also providing valuable information to their Russian minders”. Is there more to this than we know? Bloomberg is also suggesting that this could mean that Tyurin has information on the intrusions into the Democratic computer system hack before the 2016 election. That said, there isn’t any hard evidence of this, so it might just be speculation at this point.
How will this play out? While I want to say that he will surely go to jail, that’s not certain. It sounds like prosecutors are looking for something else. More specifically, if he does have evidence that Russia tried to recruit Tyurin to help with their spying efforts, or to participate in the 2016 election hack, they’re going to want to know more about that. Prosecutors are willing to impose a lighter sentence, especially if it means that more information about Russia comes forward. I find this whole thing extremely interesting. A hack on JPMorgan Chase databases could lead authorities to the people behind the 2016 Presidential Election hack. Donald Trump isn’t going to be happy with this one.