A suspected Russian hacker arrested recently in the Czech Republic was involved in a massive 2012 data breach at LinkedIn, the professional social networking company says.
LinkedIn said Wednesday that it has been working with the FBI to track down the culprits behind the data breach, which exposed hashed passwords from 117 million accounts.
“We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this criminal activity,” LinkedIn said in an email.
Although the company was aware of the data breach back in 2012, the full extent of the incident didn’t come to light until earlier this year. A hacker was found selling data, including some passwords, stolen four years earlier from 167 million LinkedIn accounts.
Many of those stolen records included passwords hashed with an older algorithm that was easy to crack. In response, LinkedIn quickly invalidated all the passwords it considered at risk.
Czech police have released video of the suspected Russian hacker’s arrest. He reportedly has been identified as Yevgeniy N and was born in 1987. He was arrested without incident but collapsed soon after and briefly was hospitalized.
It’s possible he will be extradited to the U.S., but the Russian government is demanding that he be returned to his home country.
“We are in contact with his attorney,” said Russian embassy spokesman Andrey Kolmakov, according to the country’s state-run news agency Tass. “Russia repudiates Washington’s policy of imposing its extraterritorial jurisdiction on all countries.”
The FBI, which assisted the Czech police in the arrest, is declining to provide more details on the suspect. However, a U.S. law enforcement official said earlier on Wednesday that the suspect had no involvement with the hack of Democratic National Committee, an incident the U.S. government suspects the Russian government had a hand in.