Connect with us

Hi, what are you looking for?



US Charges Russian Involved in 2013 Hacking of Neiman Marcus, Michaels 

US charges Russian cybercriminals, including man allegedly involved in hacking of Neiman Marcus and Michaels Stores in 2013. 

The US Justice Department this week announced separate charges against two Russian nationals accused of being involved in cybercriminal activities, including a man allegedly involved in the 2013 hacking of retailers Michaels and Neiman Marcus.

One of the indicted individuals is Aleksey Timofeyevich Stroganov, also known as Aleksei Stroganov, Flint, Flint24, Gursky Oleg, and Oleg Gurskiy. He and his accomplices allegedly hacked into the computers of companies and individuals in an effort to steal personal information, including credit and debit card data. 

Stroganov and the others obtained hundreds of millions of payment card and banking account records, which they sold on cybercrime forums, causing losses totaling $35 million to impacted financial institutions. 

An indictment provides specific examples of how the cybercriminals made millions of dollars through the sale of stolen information. 

According to the indictment, Stroganov was involved in the 2013 hacker attacks aimed at  high-end department store Neiman Marcus and arts and crafts store chain Michaels Stores.  

Court documents also show that one of Stroganov’s partners was Roman Valeryevich Seleznev, the son of a Russian lawmaker, who received multiple prison sentences in the United States in 2017 and 2018 for his cybercriminal activities, the longest being 27 years. 

Stroganov was arrested by Russian authorities in 2020 as part of a crackdown on a major fraud ring, but it’s unclear if he was ever sentenced. 

Cybersecurity blogger Brian Krebs covered the news at the time and described Stroganov as “a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade.”

Advertisement. Scroll to continue reading.

The second Russian national charged this week in the US is Tim Stigal, who was allegedly part of four different operations involved in the trafficking of stolen payment card information.

The indictment describing the charges against Stigal focuses on three unnamed victims described as corporations based in Pennsylvania, California and Virginia.

“In relation to one of the conspiracies, and in an attempt to extort one of the corporate victims, Stigal additionally transmitted a threat to impair the confidentiality of stolen personal data belonging to customers of the corporate victim if a ransom was not paid to Stigal,” the DoJ said.

Stroganov has been charged with conspiracy to commit wire fraud affecting a financial institution, wire fraud, bank fraud, and aggravated identity theft. Stigal has been charged with wire fraud conspiracy, wire fraud, computer fraud extortion, access device fraud, and aggravated identity theft. 

They each face tens of years in prison, but it remains to be seen if they can actually be brought to justice.

Related: US Sanctions Russian National for Helping Ransomware Groups Launder Money

Related: US, UK Announce Charges and Sanctions Against Two Russian Hackers

Related: Russian Pleads Guilty to Role in Developing TrickBot Malware

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.