Andrei Tyurin, a Russian citizen, was behind the theft of 83 million customer data record from JPMorgan Chase in 2014. The stolen data was then used to operate a Pump-and Dump' scheme, in which Tyurin and co-conspirators contacted data theft victims to offer bogus investment advice and stock recommendations.

Tyurin was arrested in Georgia and extradited to face charges in a New York.

Manhattan US Attorney Geoffrey S. Berman says: “Andrei Tyurin, a Russian national, is alleged to have participated in a global hacking campaign that targeted major financial institutions, brokerage firms, news agencies, and other companies. Tyurin’s alleged hacking activities were so prolific, they lay claim to the largest theft of U.S. customer data from a single financial institution in history, accounting for a staggering 80 million-plus victims. As Americans increasingly turn to online banking, theft of online personal information can cause devastating effects on their financial wellbeing, sometimes taking years to recover. Today’s extradition marks a significant milestone for law enforcement in the fight against cyber intrusions targeting our critical financial institutions.”

Tyurin is charged with one count of conspiracy to commit computer hacking, which carries a maximum prison term of five years; one count of wire fraud, which carries a maximum prison term of 30 years; four counts of computer hacking, each of which carries a maximum prison term of five years; one count of conspiracy to commit securities fraud, which carries a maximum prison term of five years; one count of conspiracy to violate the Unlawful Internet Gambling Enforcement Act, which carries a maximum prison term of five years; one count of conspiracy to commit wire fraud and bank fraud, which carries a maximum prison term of 30 years; and aggravated identity theft, which carries a mandatory consecutive term of imprisonment of two years.