(Bloomberg) -- A Russian who admitted carrying out one of the largest known cyberattacks against a U.S. bank is a “brazen and prolific” hacker who should serve as long as almost two decades in prison, U.S. prosecutors told a federal judge in advance of his sentencing.
Andrei Tyurin pleaded guilty in September 2019 to charges that he stole data on more than 80 million clients of JPMorgan Chase & Co. and other institutions as part of a scheme that netted hundreds of millions of dollars in ill-gotten gains.
Prosecutors said he worked with another Russian, Gery Shalon, to steal customer information from 12 financial news companies, banks and other financial firms, including Fidelity Investments, E-Trade Financial and Dow Jones & Co. His co-conspirators used the information to ply customers with spam emails promoting stocks in hopes of profiting from upswings.
The government on Tuesday urged U.S. District Judge Laura Taylor Swain to hand down a punishment consistent with federal sentencing guidelines, under a plea agreement, when he is sentenced on Dec. 3. The guidelines call for Tyurin to spend from 15 years and eight months to 19 years and seven months in prison.
Prosecutors said Tyurin was paid $19 million for his work, scheming with Shalon to destroy evidence that might lead to their apprehension, and should serve a sentence that reflects the “enormous destructive impact” of his hacking.
“Tyurin executed his crimes deliberately and over an extended period of time, and did so primarily for his own self-enrichment,” prosecutors said. “Using his specialized technical skills, Tyurin was able to infiltrate and steal from some of the world’s most sophisticated financial institutions based in the United States, profiting from his thefts while working in anonymity thousands of miles away in Russia.”
©2020 Bloomberg L.P.