A key member of the ShinyHunters hacking group was sentenced to three years’ imprisonment for his role in the theft and sale of hundreds of millions of records stolen from more than 60 companies.
Sebastien Raoult, a 22-year-old French citizen, was convicted on conspiracy to commit wire fraud and aggravated identity theft charges. As part of his sentence, he was also ordered to pay more than $5 million in restitution by the U.S. District Court in Seattle.
ShinyHunters was a prominent threat group in 2020 and 2021, responsible for stealing data from dozens of companies in the U.S. and around the world. Its victims included math-problem-solving app Mathway, meal delivery service Home Chef and overdraft protection and cash advance service Dave.
According to the Department of Justice and records filed in the case, Raoult’s role in the gang included helping craft malicious webpages that masqueraded as the login pages of legitimate businesses. ShinyHunters lured victims to the pages using phishing emails and harvested the credentials that were entered.
The gang used the harvested credentials to break into victims’ accounts to steal corporate data, including additional credentials they used to access company networks and third-party providers, such as cloud storage services.
ShinyHunters then advertised its trove of stolen personally identifiable information and corporate financial data for sale on dark web forums, including RaidForums, EmpireMarket and Exploit.
The gang marketed stolen data from more than 60 companies on the forums between April 2020 and July 2021. It also engaged in ransom activities with some of its victims, threatening to leak or sell stolen sensitive files if money was not paid.
Authorities said ShinyHunters’ crime spree caused an estimated loss to victims of more than $6 million.
Raoult, known online as “Sezyo Kaizen,” was arrested in 2022 in Morocco and was extradited to the U.S. in January 2023.
“The lengths to which Mr. Raoult and his co-conspirators went to steal personal and financial information are remarkably devious, and he played a substantial part in the scheme by creating code and phishing websites," said Richard Collodi, special agent in charge of the FBI’s Seattle field office.
Sarah Vogel of the U.S. District Attorney's Office in the Western District of Washington said Raoult was motivated by “pure greed.”
“He sold hacked data. He stole people’s cryptocurrency. He even sold his hacking tools so that he could profit while other hackers attacked additional victims,” Vogel said.
At this week’s sentencing hearing, U.S. District Judge Robert S. Lasnik described Raoult’s offending as “extraordinarily serious … We’re talking about him robbing people of millions of dollars.”
Speaking to the court, Raoult said: “I understand my mistakes and I want to put that part behind me. No more hacking. I don’t want to disappoint my family again.”
Judge Lasnik said he believed Raoult’s arrest and imprisonment had “gotten through” to the apparently remorseful hacker. However, he urged the young man’s family and friends in the courtroom to “keep an eye on him” when he returned to France after completing his sentence, to ensure he did not return to a life of crime.