A Russian hacker was sentenced to 27 years in federal prison for stealing credit card numbers and selling the data online, according to The New York Times.
Roman Seleznev, the son of a Russian lawmaker, received the longest sentence for hacking-related charges in the U.S. Seleznev was convicted for running a credit card and identity theft business out of his homes in Indonesia and Russia. He then sold the data online, which resulted in the resale of more than 2 million credit card numbers and about $170 million in losses.
Seleznev, 32, targeted about 3,700 financial institutions and 500 businesses across the world, including several restaurants in the Seattle area.
“Simply put, Roman Seleznev has harmed more victims and caused more financial loss than perhaps any other defendant that has appeared before the court,” said prosecutors, who had asked for a 30-year sentence. “This prosecution is unprecedented.”
The conviction is a major win for the U.S., which has faced challenges in capturing and convicting Russian cybercriminals, who operate in relative impunity inside Russia as long as they don’t breach targets in their country.
The Secret Service tracked Seleznev for more than a decade before his arrest in the Maldives in 2014. His father is Valery Seleznev, a member of Russia’s parliament and a close ally of Vladimir Putin. He has accused the U.S. of “kidnapping” his son.
The U.S. hopes this strict sentence will deter other Russian cybercriminals.
“Today is a bad day for hackers around the world,” said Annette L. Hayes, the United States attorney for the Western District of Washington. “The notion that the internet is a Wild West where anything goes is a thing of the past.”