Russian Pleads Guilty in Major Hacking Case

A Russian national accused of hacking payment systems of major retailers and the Nasdaq stock market, resulting in $300 million in losses, pleaded guilty Tuesday to US criminal charges.

Prosecutors said Vladimir Drinkman, 34, pleaded guilty in New Jersey federal court to charges of conspiracy to commit wire fraud and to unauthorized access of protected computers.

Drinkman was arrested in the Netherlands in 2012 and extradited to the United States in February of this year.

He is set to be sentenced on January 15, according to the Justice Department.

Drinkman was accused of leading what officials called “the largest international hacking and data breach scheme ever prosecuted in the United States.”

“This hacking ring’s widespread attacks on American companies caused serious harm and more than $300 million in losses to people and businesses in the United States,” Assistant Attorney General Leslie Caldwell said in a statement.

US Secret Service director Joseph Clancy said the case “highlights the effectiveness of global law enforcement partnerships in the detection and dismantling of criminal enterprises targeting US citizens.”

Drinkman and his co-defendants were charged with hacking into the Nasdaq, retailers 7-Eleven, Carrefour, JC Penney and other companies, with losses estimated at more than $300 million between 2005 and 2012.

Drinkman and fellow Russian Alexandr Kalinin were previously charged as unnamed “Hacker 1” and “Hacker 2” in a 2009 indictment in connection with five corporate data breaches, including the breach of Heartland Payment Systems, which at the time was the largest ever reported.

Drinkman and another Russian defendant, Dmitriy Smilianets, were arrested at the request of the United States while traveling in the Netherlands on June 28, 2012.

Smilianets was extradited months later and is in US custody.

Kalinin and two others remain at large, officials said.

US officials have had little help from Russia and other Eastern European countries in extraditing accused hackers, but some success in nabbing suspects during trips to other locations.

Officials said the gang stole some 160 million credit card numbers and then sold them through online markets.

The biggest hack at the time was at Heartland, a major payment processor hit by malware that allowed thieves to steal 130 million card numbers, resulting in some $200 million in losses.

The hackers also penetrated the Dow Jones news and information service, compromising some 10,000 login credentials, according to officials.

French-based retailer Carrefour and Belgium’s Dexia bank were also among the victims, along with US airline JetBlue and other retailers and financial firms.