Breach, Threat Management, Data Security

Russian man pleads guilty to financial firm hacks

Russian Andrei Tyurin has pleaded guilty to taking part in a cybercriminal campaign that targeted the U.S. financial sector and stole personal data from roughly 100 million customers of various firms, the DOJ announced this week.

Tyurin, 35, pleaded guilty in a Southern New York federal court to one count of conspiracy to commit computer hacking, one count of wire fraud, one count of conspiracy to violate the Unlawful Internet Gambling Enforcement Act and one count of conspiracy to commit wire fraud and bank fraud. Also, he pleaded to a separate count of conspiracy to commit wire fraud, and one additional count of conspiracy to commit computer hacking. Certain charges were transferred from the Northern District of Georgia. Collectively, the charges carry a maximum sentence of 95 years.

A September 2018 DOJ press release announcing Tyruin's extradition accused Tyruin and three other defendants of undertaking a massive hacking operation from roughly 2012 through mid-2015. This included the largest-ever theft of customer data from a single U.S. financial institution. The victimized firm is widely known to be Manhattan-based JPMorgan, from which Tyruin and others allegedly stole data belonging to 80 million customers. Tyurin and others allegedly used the data to perpetuate other criminal operations, including artificially inflating the price of stocks by deceptively marketing the stocks to individuals whose contact information was stolen in the breaches.

Tyruin was arrested and later extradited from the country of Georgia in 2018.

Citing recently filed court documents, Bloomberg reported back on Sept. 16 that Tyurin had reached a plea deal with federal prosecutors. Citing people familiar with the case, Bloomberg also reported that Tyurin's alleged co-conspirator Gery Shalon, who is also in U.S. custody, has been cooperating with federal authorities, and agreed along with other co-defendants to a series of deals to repatriate stolen funds.

Tyurin is scheduled for sentencing on Feb. 13, 2020.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.