Russian citizen Georgy Kavzharadze was sentenced to 40 months in prison for selling almost 300,000 stolen login credentials and personally identifiable information (PII) on the criminal internet marketplace Slilpp.
What happened
Georgy Kavzharadze (27) from Moscow, Russia, was sentenced to 40 months in prison after pleading guilty to conspiracy to commit bank fraud and wire fraud. Kavzharadze operated as a vendor called ‘TeRorPP’ on Slilpp between July 2016 and May 2021.
The FBI and international law enforcement partners disrupted Slilpp in June 2021, seizing its infrastructure and domain names.
Specifically, Kavzharadze’s illegal activities involved selling stolen login credentials that allowed buyers to access victims’ online payments and bank accounts. His listings included credentials for banks located in states such as New York, California, Nevada, and Georgia.
Kavzharadze was charged with conspiracy to commit bank fraud and wire fraud, as well as access device fraud and aggravated identity theft. He was extradited to the United States and has been in custody since his initial court appearance in May 2022.
By the numbers
- Kavzharadze sold 297,300 of the 626,100 stolen login credentials listed.
- His actions were linked to $1.2 million in fraudulent transactions.
- He withdrew over $200,000 in profits from his Bitcoin account.
- Kavzharadze was ordered to pay $1,233,521.47 in restitution.
Why it matters
If malicious actors access PII, they can impersonate victims, commit financial crimes, or carry out other harmful actions.
Moreover, Slilpp was a major marketplace for stolen credentials so the FBI’s operation to dismantle its infrastructure helped curb the activities of these cybercriminals.
The bottom line
The conviction and sentencing of Georgy Kavzharadze demonstrate the effectiveness of international cooperation in tackling cybercrime. As threats evolve, law enforcement agencies must stay vigilant in disrupting criminal networks that trade in stolen information to protect individuals from financial harm.
FAQs
What is personally identifiable information (PII)?
Personally identifiable information (PII) is data that can be used to identify an individual. This includes names, Social Security numbers, email addresses, phone numbers, and financial account details.
Why is PII valuable to cybercriminals?
PII is valuable because it can be used for identity theft, financial fraud, and other malicious activities. Cybercriminals often sell PII on dark web marketplaces like Slilpp, where buyers can use it to commit fraud or impersonate victims.
How does encryption protect PII?
Encryption converts PII into a coded format, making it difficult for unauthorized parties to access the information, even if it is intercepted or stolen. Moreover, covered entities must use encryption methods to secure PII in accordance with the Health Insurance Portability and Accountability Act (HIPAA).
Go deeper: HIPAA Compliant Email: The Definitive Guide
