Turkey throws book at TK Maxx hacker

gallery

A Ukrainian man suspected of playing a key role in the largest corporate data hack in history was jailed by a Turkish court for 30 years this week.

Maksym Yastremskiy was arrested while on holiday in Turkey last year and charged with hacking into Turkish bank accounts, following an investigation by the Turkish secret service.

The 27-year-old business graduate pleaded not guilty to the charge, even though he was considered to have been a key member of a gang of 11 arrested last August for hacking the computer systems of US retailer TJX and its subsidiary companies, including TK Maxx in the UK.

The TJX hack installed malicious software that compromised and captured the financial and personal data of some 100 million customers around the world.

Yastremskiy was accused of amassing $11 million (£7.25 million) from the TJX scam, among others. He has also been charged in another US case, involving the theft of data from a Texas restaurant chain.

Although the sentence handed down on Wednesday was one of the longest ever for a computer hacking offence, it was still at the low end of the possible 24 to 72-year jail term the Turkish prosecutors had pushed for.

Graham Cluley, senior technology consultant at security vendor Sophos, commented: The length of this jail time should also make others engaged in cybercrime think again.

“It may seem like the chances of being caught are small, but there are more and more convictions happening all the time, and the authorities are getting better than ever at co-operating at an international level to catch the bad guys.”



The length of the jail term, along with Turkey’s extradition rules, which mean Yastremskiy must serve his full jail term first, make it unlikely that US authorities pursuing the TJX gang will get their hands him on anytime soon.

But the length of sentence passed may offer US investigators some leverage in getting his cooperation against other gang members.

Email to a friend

Print this page