{ "id": "f20bc6db-c461-4c9f-bf78-6ae92ec17e98", "created_at": "2026-04-06T00:11:56.258698Z", "updated_at": "2026-04-10T13:11:34.812026Z", "deleted_at": null, "sha1_hash": "ad6fce8c61a7c7e3d82bf1e83799ae3eab160b8c", "title": "ShinyHunters member gets 3 years in prison for breaching 60 firms", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 2761826, "plain_text": "ShinyHunters member gets 3 years in prison for breaching 60 firms\r\nBy Bill Toulas\r\nPublished: 2024-01-10 · Archived: 2026-04-05 21:31:08 UTC\r\nThe U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a\r\nrestitution of $5,000,000.\r\nPreviously, in September 2023, Raoult pleaded guilty to conspiracy to commit wire fraud and aggravated identity theft,\r\nfacing a maximum punishment of 27 years in prison.\r\nRaoult, a 22-year-old from France, is known online as 'Sezyo Kaizen' and was part of the ShinyHunters hacking group. He\r\nwas arrested in Morocco in 2022 and extradited to the U.S. in January 2023.\r\nhttps://www.bleepingcomputer.com/news/security/shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nBetween April 2020 and July 2021, Raoult and his co-conspirators caused financial damages exceeding $6 million, resulting\r\nfrom the theft of the personal information of millions of people and their sale on the dark web.\r\nRaoult lured victims with specially crafted phishing pages that mimicked the login portals of their targets' employers,\r\ntricking them into entering their account credentials and other sensitive data.\r\nNext, members of the ShinyHunters group used the stolen credentials to log in to company systems and steal all data they\r\ncould access in the corporate network, cloud instances, and even systems of third-party service providers.\r\n\"The lengths to which Mr. Raoult and his co-conspirators went to steal personal and financial information are remarkably\r\ndevious, and he played a substantial part in the scheme by creating code and phishing websites,\" commented FBI agent\r\nRichard A. Collodi.\r\nShinyHunters used this corporate access to steal data from over 60 organizations, including personally identifiable\r\ninformation and financial details of millions of people.\r\nNext, the hackers threatened to leak or sell that data on platforms like the RaidForums, EmpireMarket, and Exploit if the\r\nvictimized company didn't pay them a ransom.\r\nShinyHunters leaking or selling stolen data on RaidForums\r\nSource: BleepingComputer\r\nIn many cases, the hackers followed through with their threats, leaking data publicly to expose customers' data and cause\r\nreputation and financial damage to the firms.\r\n\"For over two years, Mr. Raoult participated in extensive computer hacking that caused millions of dollars in losses to\r\nvictim companies and unmeasurable additional losses to hundreds of millions of individuals whose data was sold to other\r\nhttps://www.bleepingcomputer.com/news/security/shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms/\r\nPage 3 of 4\n\ncriminals,\" said Criminal Chief Sarah Vogel.\r\n\"Mr. Raoult's motive was pure greed. He sold hacked data. He stole people's cryptocurrency. He even sold his hacking tools\r\nso that he could profit while other hackers attacked additional victims.\r\nRaoult expressed repentance about his former activities, promising never to engage in hacking again.\r\n\"I understand my mistakes, and I want to put that part behind me. No more hacking. I don't want to disappoint my family\r\nagain,\" said Raoult during his sentencing.\r\nRaoult can  be out on supervised release in about ten months, as the time spent in detention in Morocco and the U.S. is\r\ncredited towards his three-year sentence.\r\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms/\r\nhttps://www.bleepingcomputer.com/news/security/shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms/\r\nPage 4 of 4", "extraction_quality": 1, "language": "EN", "sources": [ "ETDA" ], "origins": [ "web" ], "references": [ "https://www.bleepingcomputer.com/news/security/shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms/" ], "report_names": [ "shinyhunters-member-gets-3-years-in-prison-for-breaching-60-firms" ], "threat_actors": [ { "id": "c071c8cd-f854-4bad-b28f-0c59346ec348", "created_at": "2023-11-08T02:00:07.132524Z", "updated_at": "2026-04-10T02:00:03.422366Z", "deleted_at": null, "main_name": "ShinyHunters", "aliases": [], "source_name": "MISPGALAXY:ShinyHunters", "tools": [], "source_id": "MISPGALAXY", "reports": null }, { "id": "6f7f2ed5-f30d-4a99-ab2d-f596c1d413b2", "created_at": "2025-10-24T02:04:50.086223Z", "updated_at": "2026-04-10T02:00:03.770068Z", "deleted_at": null, "main_name": "GOLD CRYSTAL", "aliases": [ "Scattered LAPSUS$ Hunters", "ShinyCorp", "ShinyHunters" ], "source_name": "Secureworks:GOLD CRYSTAL", "tools": [], "source_id": "Secureworks", "reports": null }, { "id": "d8dff631-87b0-4320-8352-becff28dbcf1", "created_at": "2022-10-25T16:07:24.565038Z", "updated_at": "2026-04-10T02:00:05.034516Z", "deleted_at": null, "main_name": "ShinyHunters", "aliases": [], "source_name": "ETDA:ShinyHunters", "tools": [], "source_id": "ETDA", "reports": null } ], "ts_created_at": 1775434316, "ts_updated_at": 1775826694, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/ad6fce8c61a7c7e3d82bf1e83799ae3eab160b8c.pdf", "text": "https://archive.orkl.eu/ad6fce8c61a7c7e3d82bf1e83799ae3eab160b8c.txt", "img": "https://archive.orkl.eu/ad6fce8c61a7c7e3d82bf1e83799ae3eab160b8c.jpg" } }