Police arrest man suspected of LinkedIn’s 2012 mega breach

  • Liam Tung (CSO Online)
  • 20 October, 2016 07:26

A Russian citizen arrested by Czech police on Wednesday is a key suspect behind a breach at LinkedIn that affected 117 million accounts.

It may be the end of the road for a hacker suspected of a hack against LinkedIn in 2012 that became one of the largest breaches of the decade.

Police in the Czech Republic announced the arrest of an unnamed Russian man at a hotel in Prague on Wednesday.

In a brief statement, Czech police said it had collaborated with the FBI to arrest the subject of a Red Notice by Interpol who was suspected of hacking US targets. A Red Notice signifies a request for international law enforcement cooperation in locating a person with a view to extradite them.

That it was a Russian citizen raised questions whether the person was linked to recent hacks against US political parties, which the US government has officially blamed on the Russian government.

However, LinkedIn on Wednesday confirmed the person arrested is a suspect in the investigation into its 2012 breach.

"Following the 2012 breach of LinkedIn member information, we have remained actively involved with the FBI's case to pursue those responsible,” a LinkedIn spokesperson told CSO Australia in an email.

“We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this criminal activity.”

The FBI began investigating the LinkedIn hack in 2012 when it was thought to have affected just 6.5 million accounts. However, a password dump surfaced in May that contained 117 million LinkedIn accounts, which is roughly a quarter of LinkedIn’s 450 million members today, but ostensibly all of its members back in 2012.

Microsoft acquired LinkedIn two months after the extent of the professional social network's breach became public.

The accused Russian hacker was found traveling in a luxury car with his girlfriend at the time of his arrest. He collapsed shortly after being confronted by police and was later hospitalized.

Czech police have released video of his arrest, and his name is reportedly Yevgeniy N, according to the Associated Press.

As reported by Motherboard, a hacker known as “Peace” was the main person selling the LinkedIn credentials earlier this year. These were being sold with credentials stolen from MySpace and Tumblr.