The US Justice Department this week announced separate charges against two Russian nationals accused of being involved in cybercriminal activities, including a man allegedly involved in the 2013 hacking of retailers Michaels and Neiman Marcus.
One of the indicted individuals is Aleksey Timofeyevich Stroganov, also known as Aleksei Stroganov, Flint, Flint24, Gursky Oleg, and Oleg Gurskiy. He and his accomplices allegedly hacked into the computers of companies and individuals in an effort to steal personal information, including credit and debit card data.
Stroganov and the others obtained hundreds of millions of payment card and banking account records, which they sold on cybercrime forums, causing losses totaling $35 million to impacted financial institutions.
An indictment provides specific examples of how the cybercriminals made millions of dollars through the sale of stolen information.
According to the indictment, Stroganov was involved in the 2013 hacker attacks aimed at high-end department store Neiman Marcus and arts and crafts store chain Michaels Stores.
Court documents also show that one of Stroganov’s partners was Roman Valeryevich Seleznev, the son of a Russian lawmaker, who received multiple prison sentences in the United States in 2017 and 2018 for his cybercriminal activities, the longest being 27 years.
Stroganov was arrested by Russian authorities in 2020 as part of a crackdown on a major fraud ring, but it’s unclear if he was ever sentenced.
Cybersecurity blogger Brian Krebs covered the news at the time and described Stroganov as “a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade.”
The second Russian national charged this week in the US is Tim Stigal, who was allegedly part of four different operations involved in the trafficking of stolen payment card information.
The indictment describing the charges against Stigal focuses on three unnamed victims described as corporations based in Pennsylvania, California and Virginia.
“In relation to one of the conspiracies, and in an attempt to extort one of the corporate victims, Stigal additionally transmitted a threat to impair the confidentiality of stolen personal data belonging to customers of the corporate victim if a ransom was not paid to Stigal,” the DoJ said.
Stroganov has been charged with conspiracy to commit wire fraud affecting a financial institution, wire fraud, bank fraud, and aggravated identity theft. Stigal has been charged with wire fraud conspiracy, wire fraud, computer fraud extortion, access device fraud, and aggravated identity theft.
They each face tens of years in prison, but it remains to be seen if they can actually be brought to justice.
Related: US Sanctions Russian National for Helping Ransomware Groups Launder Money
Related: US, UK Announce Charges and Sanctions Against Two Russian Hackers
Related: Russian Pleads Guilty to Role in Developing TrickBot Malware
