The son of a Russian lawmaker was sentenced on Friday by a U.S. federal court to 27 years in prison after being convicted of a cyber assault on thousands of U.S. businesses, marking the longest ever hacking-related sentence in the United States.
Roman Seleznev, 32, was found guilty last year by a jury in Seattle of perpetrating a scheme that prosecutors said involved hacking into point-of-sale computers to steal credit card numbers and caused $169 million in losses to U.S. firms.
The Russian government has maintained that his arrest in 2014 in the Maldives was illegal. It issued a statement on Friday criticizing the sentence and said it believed Seleznev’s lawyer planned to appeal.
“We continue to believe that the arrest of the Russian citizen Roman Seleznev, who de facto was kidnapped on the territory of a third country, is unlawful,” the Russian Embassy in Washington said in a post on its Facebook page.
Seleznev is the son of Valery Seleznev, a member of the Russian parliament.
The sentence, imposed by Judge Richard A. Jones of the Western District of Washington, followed a decade-long investigation by the U.S. Secret Service.
In a handwritten statement provided by his lawyer, Seleznev said he believed the harsh sentence was a way for the United States government to send a message to Russia’s president, Vladimir Putin.
Prosecutors said that from October 2009 to October 2013 Seleznev stole credit card numbers from more than 500 U.S. businesses, transferred the data to servers in Virginia, Russia and the Ukraine and eventually sold the information on criminal “carding” websites.
Seleznev faces separate charges pending in federal courts in Nevada and Georgia.
A federal grand jury in Connecticut returned an eight-count indictment charging a Russian national who was arrested earlier this month with operating the Kelihos botnet, a global network of tens of thousands of infected computers, the U.S. Justice Department said on Friday.