Ukrainian authorities say they’ve arrested the hacker behind the “Collection #1” data dump, which grabbed headlines last year for exposing 773 million email addresses.
The Security Service of Ukraine (SBU) on Tuesday announced it had identified and detained the hacker, who went by the name Sanix. Authorities arrested the suspect after receiving information that Sanix was likely a Ukrainian citizen and based in the country’s Ivano-Frankivsk region.
Police searching the suspect’s home. (Credit: SBU)
The hacker gained attention in January 2019 for circulating an 87GB database on the internet that contained 773 million email addresses, along with 21 million unique passwords. Sanix then distributed six other dumps, totaling in 1TB in size, which also contained phone numbers, payment card details, and Social Security numbers.
In the wrong hands, that information could be used to send spam and break into people’s internet accounts. The risk of hijacking was especially high for people who reused the same password across multiple internet accounts.
Fortunately, much of the data inside the dump was old, and compiled from previously known data breaches, as Sanix later admitted. Still, the hacker claimed to be sitting on many more previously unknown stolen passwords, amounting to a 4TB database he was attempting to sell to other cybercriminals.
Ukrainian agents looking at the stolen information he had on his computer. (Credit: SBU)
However, as security journalist Brian Krebs notes, Sanix was “far from a criminal mastermind,” and appears to have left clues pinpointing his real-life identity.
According to the SBU, a search of Sanix’s residence revealed he possessed 2TB of stolen data on his computer. Other databases he was attempting to sell concerned logins and passwords to email inboxes, PayPal accounts, Bitcoin wallets, and PIN numbers for bank cards.
The SBU said it confiscated about $10,000 in cash during the search. Allegedly, Sanix was also involved in creating botnets and launching DDoS attacks.
The news is a reminder to secure your internet accounts with strong, unique passwords, and to use two-factor authentication when possible. To help you remember the login credentials, consider a password manager.