Member of notorious international hacking crew sentenced to prison

Seattle – A 22-year-old French citizen from Epinal, France, was sentenced today in U.S. District Court in Seattle to three years in prison and more than $5 million in restitution for conspiracy to commit wire fraud and aggravated identity theft, announced Criminal Chief Sarah Vogel for the Western District of Washington. Sebastien Raoult, aka ‘Sezyo Kaizen,’ was arrested in 2022 in Morocco and was extradited to the U.S. in January 2023. At the sentencing hearing, U.S. District Judge Robert S. Lasnik said, “This is an extraordinarily serious offense. We’re talking about him robbing people of millions of dollars.”

“For over two years, Mr. Raoult participated in extensive computer hacking that caused millions of dollars in losses to victim companies and unmeasurable additional losses to hundreds of millions of individuals whose data was sold to other criminals,” said Criminal Chief Sarah Vogel of the Western District of Washington. “Mr. Raoult’s motive was pure greed. He sold hacked data. He stole people’s cryptocurrency. He even sold his hacking tools so that he could profit while other hackers attacked additional victims.” 

According to records filed in the case, Raoult and his co-conspirators hacked into protected computers of corporate entities for the theft of confidential information and customer records, including personally identifiable information and financial information. They hacked numerous companies, including companies in Washington State, elsewhere in the United States, and around the world. After Raoult and his co-conspirators hacked companies, a user going by the name ShinyHunters posted hacked data from many of those companies for sale on dark web forums, including RaidForums, EmpireMarket, and Exploit. Between April 2020 and July 2021, ShinyHunters posted sales of hacked data from more than 60 companies. Sometimes ShinyHunters threatened to leak or sell stolen sensitive files if the victim did not pay a ransom.

Raoult helped create websites that pretended to be login pages belonging to legitimate businesses. The conspirators sent phishing emails to company employees that were designed to look like they came from legitimate businesses and contained links to those login pages. Victims provided their account sign-on credentials on those fake login pages, and the conspirators obtained the victims’ credentials. Raoult and his co-conspirators used the login information to breach victims’ accounts, steal the data stored there, and search the stolen data for credentials to access additional data on companies’ networks and third-party service providers, such as cloud storage services. In total, the conspirators stole hundreds of millions of customer records and caused loss to victim companies that is estimated to exceed $6 million.

In asking for a six-year prison term, Assistant United States Attorney Miriam Hinman wrote to the court, “Stealing and selling customer records put these hundreds of millions of individual customers at risk of identity theft and financial loss. As ShinyHunters demonstrated by listing the number of stolen customer records in its sale offerings, buyers would value the stolen data based on the number of customers whose data could be used. Raoult understood that buyers of the stolen data sought to misuse customers’ financial information, and yet he was eager to find those buyers.”

“The lengths to which Mr. Raoult and his co-conspirators went to steal personal and financial information are remarkably devious, and he played a substantial part in the scheme by creating code and phishing websites," said Richard A. Collodi, Special Agent in Charge of the Seattle field office. "Thanks to the diligent work of federal and international law enforcement, Mr. Raoult will be held accountable for his cyber-crimes, which caused millions of dollars of harm to companies and customers.”

Speaking to the court, Sebastian Raoult said “I understand my mistakes and I want to put that part behind me.  No more hacking.  I don’t want to disappoint my family again.”

Judge Lasnik said he believed Raoult’s arrest and imprisonment “has gotten through to Sebastian.” Still, he urged Raoult’s family and friends in the courtroom to “keep an eye on him” when he returns to France to guard against a return to criminal conduct.

The case is being investigated by the FBI Seattle Cyber Task Force. The case is being prosecuted by Assistant United States Attorney Miriam R. Hinman. DOJ’s Office of International Affairs provided substantial assistance. The Department of Justice also appreciates the significant cooperation and assistance provided by Moroccan and French authorities.