A grand jury in the Northern District of California has indicted four defendants, including two officers of the Russian Federal Security Service (FSB), for computer hacking, economic espionage and other criminal offenses in connection with a conspiracy, beginning in January 2014, to access Yahoo’s network and the contents of webmail accounts. The defendants are Dmitry Aleksandrovich Dokuchaev, 33, a Russian national and resident; Igor Anatolyevich Sushchin, 43, a Russian national and resident; Alexsey Alexseyevich Belan, aka “Magg,” 29, a Russian national and resident; and Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22, a Canadian national and a resident of Canada.
The defendants used unauthorized access to Yahoo’s systems to steal information from about at least 500 million Yahoo accounts and then used some of that stolen information to obtain unauthorized access to the contents of accounts at Yahoo, Google and other webmail providers, including accounts of Russian journalists, U.S. and Russian government officials and private-sector employees of financial, transportation and other companies. One of the defendants also exploited his access to Yahoo’s network for his personal financial gain, by searching Yahoo user communications for credit card and gift card account numbers, redirecting a subset of Yahoo search engine web traffic so he could make commissions and enabling the theft of the contacts of at least 30 million Yahoo accounts to facilitate a spam campaign.
Enter Hillary Clinton, Sidney Blumenthal and Huma Abedin….
Huma Abedin forwarded sensitive State Department emails, including passwords to government systems, to her personal Yahoo email account before every single Yahoo account was hacked, a Daily Caller News Foundation analysis of emails released as part of a lawsuit brought by Judicial Watch shows.
Abedin, the top aide to former Secretary of State Hillary Clinton, used her insecure personal email provider to conduct sensitive work. This guarantees that an account with high-level correspondence in Clinton’s State Department was impacted by one or more of a series of breaches — at least one of which was perpetrated by a “state-sponsored actor.”
The U.S. later charged Russian intelligence agent Igor Sushchin with hacking 500 million Yahoo email accounts. The initial hack occurred in 2014 and allowed his associates to access accounts into 2015 and 2016 by using forged cookies. Sushchin also worked for the Russian investment bank Renaissance Capital, which paid former President Bill Clinton $500,000 for a June 2010 speech in Moscow.
A separate hack in 2013 compromised three billion accounts across multiple Yahoo properties, and the culprit is still unclear. “All Yahoo user accounts were affected by the August 2013 theft,” the company said in a statement.
Abedin, Clinton’s deputy chief of staff, regularly forwarded work emails to her personal email@example.com address. “She would use these accounts if her (State) account was down or if she needed to print an email or document. Abedin further explained that it was difficult to print from the DoS system so she routinely forwarded emails to her non-DoS accounts so she could more easily print,” an FBI report says.
Abedin sent passwords for her government laptop to her Yahoo account on Aug. 24, 2009, an email released by the State Department in September 2017 shows.
Long-time Clinton confidante Sid Blumenthal sent Clinton an email in July 2009 with the subject line: “Important. Not for circulation. You only. Sid.” The message began “CONFIDENTIAL… Re: Moscow Summit.” Abedin forwarded the email to her Yahoo address, potentially making it visible to hackers.
The email was deemed too sensitive to release to the public and was redacted before being published pursuant to the Judicial Watch lawsuit. The released copy says “Classified by DAS/ A/GIS, DoS on 10/30/2015 Class: Confidential.” The unredacted portion reads: “I have heard authoritatively from Bill Drozdiak, who is in Berlin…. We should expect that the Germans and Russians will now cut their own separate deals on energy, regional security, etc.”
The three email accounts Abedin used were firstname.lastname@example.org, email@example.com, and firstname.lastname@example.org. Though the emails released by the State Department partially redact personal email addresses, the Yahoo emails are displayed as humamabedin[redacted].
Clinton forwarded Abedin an email titled “Ambassadors” in March 2009 from Denis McDonough, who served as foreign policy adviser to former President Barack Obama’s campaign and later as White House chief of staff. The email was heavily redacted before being released to the public.
Stuart Delery, chief of staff to the deputy attorney general, sent a draft memo titled “PA/PLO Memo” in May 2009, seemingly referring to two Palestinian groups. The content was withheld from the public with large letters spelling “Page Denied.” Abedin forwarded it to her Yahoo account.
Abedin routed sensitive information through Yahoo multiple times, such as notes on a call with the U.N. secretary-general, according to messages released under the lawsuit.
Contemporaneous news reports documented the security weaknesses of Yahoo while Abedin continued to use it. Credentials to 450,000 Yahoo accounts had been posted online, a July 2012 CNN article reported. Five days later, Abedin forwarded sensitive information to her personal Yahoo email.
Abedin received an email “with the subject ‘Re: your yahoo acct.’ Abedin did not recall the email and provided that despite the content of the email she was not sure that her email account had ever been compromised,” on Aug. 16, 2010, an FBI report says.
The FBI also asked her about sending other sensitive information to Yahoo. “Abedin was shown an email dated October 4, 2009 with the subject ‘Fwd: US interest in Pak Paper 10-04’ which Abedin received from [redacted] and then forwarded to her Yahoo email account…. At the time of the email, [redacted] worked for Richard Holbrooke who was the Special Representative for Afghanistan and Pakistan (SRAP). Abedin was unaware of the classification of the document and stated that she did not make judgments on the classification of materials that she received,” the report said.
The U.S. charged Sushchin with hacking half a billion Yahoo accounts in March 2017, in one of the largest cyber-breaches in history, the Associated Press reported. Sushchin was an intelligence agent with Russia’s Federal Security Service — the successor to the KGB — and was also working as security director for Renaissance Capital, Russian media said.
“It is unknown to the grand jury whether [Renaissance] knew of his FSB affiliation,” the indictment says.
Renaissance Capital paid Bill Clinton $500,000 for a speech in 2010 that was attended by Russian officials and corporate leaders. The speech received a thank-you note from Russian President Vladimir Putin. Renaissance Capital is owned by Russian oligarch Mikhail Prokhorov, who also owned the Brooklyn Nets basketball team. He unsuccessfully ran for Russian president against Putin in 2012.
Sushchin’s indictment says “the conspirators sought access to the Yahoo, Inc. email accounts of Russian journalists; Russian and U.S. government officials,” and others. Information about the accounts such as usernames and password challenge questions and answers were stolen for 500 million accounts, the indictment says. The indictment does not mention Abedin’s account.
A hacker called “Peace” claimed to be selling data from 200 million Yahoo users.
The user data also included people’s alternate email addresses, that were often work accounts tying a Yahoo user to an organization of interest. The hackers were able to generate “nonces” that allowed them to read emails “via external cookie minting” for some accounts.
The New York Times reported that in the 2013 hack, which affected all Yahoo accounts, “Digital thieves made off with names, birth dates, phone numbers and passwords of users that were encrypted with security that was easy to crack. The intruders also obtained the security questions and backup email addressed used to reset lost passwords — valuable information for someone trying to break into other accounts owned by the same user, and particularly useful to a hacker seeking to break into government computers around the world.”
Yahoo published a notification on Sept. 22, 2016, saying: “Yahoo has confirmed that a copy of certain user account information was stolen from the company’s network in late 2014 by what it believes is a state-sponsored actor.”
Clinton downplayed the risks of her email use days later, saying it was simply a matter of convenience.
“After a year-long investigation, there is no evidence that anyone hacked the server I was using and there is no evidence that anyone can point to at all, anyone who says otherwise has no basis, that any classified materials ended up in the wrong hands. I take classified materials very seriously and always have,” Clinton said on Oct. 9, 2016, at the second presidential debate,
Abedin’s use of Yahoo email is consistent with the determination by the FBI that Clinton associates’ emails were, in fact, compromised. “We do assess that hostile actors gained access to the private email accounts of individuals with whom Secretary Clinton was in regular contact from her private account,” then-FBI director Jim Comey said in 2016.