In an official statement released on Tuesday, the Security Service of Ukraine (SBU) said it identified the hacker behind the pseudonym "Sanix," who is a resident of the Ivano-Frankivsk region of Ukraine, but it did not reveal his actual identity to the media.
In January last year, the hacker tried to sell the massive 87-gigabyte database labeled as "the largest array of stolen data in history," which, according to security experts, was just a fraction of the stolen data Sanix collected.
According to the authorities, Sanix had at least 6 more similar databases of stolen and broken passwords, totaling in terabytes in size, which also included billions of phone numbers, payment card details, and Social Security numbers.
Besides email logins, the database also contained bank card PIN codes, e-wallets of cryptocurrencies, PayPal accounts, and information about computers hacked for further use in botnets and to launch distributed denial-of-service (DDoS) attacks, the SBU said.
At that time, Sanix offered "lifetime" access to the stolen databases for modest amounts ranging from $45 to $65.
The stolen data included personal and financial data from residents of different countries, including the European Union and North America, the authorities said.
🔐 Mastering API Security: Understanding Your True Attack Surface
Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!Join the Session
Search at his residence resulted in the seizure of computer equipment with 2 terabytes of stolen data, phones with evidence of illegal activities, and more than $10,000 in cash from illegal transactions—190,000 Ukrainian hryvnias (~$7,100) and over $3,000.
Sanix is now facing Ukrainian criminal charges for unauthorized interference with computers and unauthorized sale or dissemination of information with limited access stored in computers.
If found guilty, a combination of these two charges can lead up to 8 years in prison under the Criminal code of Ukraine.
You can watch the video of Sanix's arrest operation, which was carried out jointly with the cyber police, investigators of the National Police under the prosecutor's procedural guidance.