The United States Department of Justice (DOJ) charged three men for committing one of the largest data breaches in the history of the country. The men hacked eight e-mail service providers (ESPs) in the United States. The DOJ said the accused were two Vietnamese citizens and a Canadian citizen.

DOJ Sues 3 Men For Stealing 1 Billion Emails

Details of the allegations

The DOJ identified the Vietnamese citizens as Viet Quoc Nguyen and Giang Hoang Vu and the Canadian citizen as David-Manuel Santos Da Silva.

The agency accused Nguyen of hacking eight e-mail service provides (ESPs) in the United States from February 2009 to June 2012. Nguyen allegedly stole confidential information including proprietary marketing data containing one billion e-mail addresses.

According to the DOJ, Nguyen and Hoang Vu used the stolen data and sent “spam” to tens of millions of email recipients. One of the defendants already pleaded guilty on the charges filed against them.

Da Silva colluded with the Vietnamese hackers to make money from the spam, and launder the proceeds. A federal grand jury indicted Da Silva for conspiracy to commit money laundering on March 4, 2015.

A billion e-mail adresses stolen from the data breach

The data breach committed by the Vietnamese hackers is considered data breach in the history of the United States, and it was the subject of a Congressional inquiry in 2011.

In a statement, Assistant Attorney General Leslie Caldwell said, “These men — operating from Vietnam, the Netherlands, and Canada — are accused of carrying out the largest data breach of names and email addresses in the history of the Internet.”

Caldwell added that the defendants allegedly profited millions of dollar after hacking the ESPs and stealing one billion e-mail addresses. She said the case demonstrates the commitment of the DOJ to “bring accused cyber hackers from overseas to face justice in the United States.

On the other hand, Acting U.S. Attorney John Horn said, “This case reflects the cutting-edge problems posed by today’s cybercrime cases, where the hackers didn’t target just a single company; they infiltrated most of the country’s email distribution firms.”

Horn described the scope of the hacking incident as “unnerving” because the hackers didn’t just steal the proprietary data, but hijacked the distribution platforms of the companies, sent bulk emails and generated profits.