A 32-year-old Russian hacker was sentenced to 27 years in prison in the U.S. for stealing millions of payment card details from businesses by infecting their point-of-sale systems with malware.
The sentence is the longest ever handed out in the U.S. for computer crimes, surpassing the 20-year jail term imposed on American hacker and former U.S. Secret Service informant Albert Gonzalez in 2010 for similar credit card theft activities.
Roman Valeryevich Seleznev, a Russian citizen from Vladivostok, was sentenced Friday in the Western District of Washington after he was found guilty in August of 10 counts of wire fraud, eight counts of intentional damage to a protected computer, nine counts of obtaining information from a protected computer, nine counts of possession of 15 or more unauthorized access devices and two counts of aggravated identity theft.
Roman Seleznev is the son of Valery Seleznev, a member the lower house of the Russian Parliament known as the Duma. Valery Seleznev accused the U.S. authorities of kidnapping his son when they detained him in 2014 in the Maldives with the help of local authorities and subsequently flew him to Guam.
Roman Seleznev was known in the cybercrime world as a prominent carder -- a trader of stolen payment card data. He used the online aliases Track2, 2pac and nCuX and sold millions of credit card details on specialized cybercriminal websites.
U.S. authorities claim that from 2009 to 2013 Seleznev infected the point-of-sale systems of more than 500 U.S. businesses with malware that captured payment card data and siphoned it off to servers under his control. The same technique was used by hackers in some of the largest data breaches that came to light in recent years, including those at U.S. retailers Target, Home Depot and Neiman Marcus.
The laptop found in the hacker's possession when he was arrested in 2014 contained 1.7 million stolen credit card numbers. Earlier this month, Seleznev sent a handwritten letter to the judge taking responsibility for his actions and asking for leniency.
In the letter, the hacker described his rough childhood and the events that led up to his life of crime. He wrote that he was raised in poverty by his single mother after his parents divorced when he was two years old.
He described himself as a respectful, polite and good child who tried to make his mother and father proud, but all that changed following the sudden death of his mother when he was 17. He was forced to drop out of college and find work at a computer club, but didn't manage to earn enough to even pay the bills for his mother's apartment.
That's when he discovered CarderPlanet, one of the first cybercriminal forums specialized in the trading of credit card data, and started using his computer skills to hack into businesses.
After the sentencing Friday, Seleznev's lawyer read a handwritten statement from the hacker that is very different in tone from his previous letter. In it, he described himself as a political prisoner, kidnapped by the U.S. government, the Associated Press reported. He also claims that the sentence is an indication that he is being used as a pawn by the U.S. government to send a message to Russian President Vladimir Putin and the world.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.