A Russian hacker who stole customer data from LinkedIn and Dropbox nearly a decade ago was sentenced to seven years in federal prison Wednesday, officials said.
The man, Yevgeniy Alexandrovich Nikulin, 32, was convicted after a six-day trial in July, the U.S. attorney’s office for Northern California said in a statement. He was convicted of selling stolen usernames and passwords and installing malware.
Nikulin was also convicted of hacking into Formspring, a social networking service that shuttered in 2013, and Automattic, the parent company of WordPress.com. The U.S. attorney’s office said there was no evidence that he stole anything from Automattic.
Working from Moscow, Nikulin carried out the LinkedIn hack by accessing the computer of a San Francisco Bay Area-based employee and installing malware that allowed him to control the computer, officials said. He then used the employee’s login information to steal a database containing customer login and password details, the statement said.
The Formspring and Dropbox hacks were similar, officials said.
Interpol arrested Nikulin four years ago at a hotel in Prague, in the Czech Republic. He was extradited to the United States two years later, officials said.
NIkulin’s trial, which had been delayed earlier in the year because of the coronavirus pandemic, marked the first federal criminal jury trial in the Bay Area since the pandemic began, officials said.