Cyprus police seized servers that were used to sell social security numbers and other personal information stolen from 24 million US citizens, a law enforcement official said Thursday.
The head of the police’s cybercrime department, Andreas Anastasiades, told the state-run Cyprus News Agency that four websites had been taken down in a joint operation with the Federal Bureau of Investigation and the US Internal Revenue Service.
Anastasiades said the server manager, who resides in Cyprus, cooperated with authorities following a six-month investigation.
A statement from the US Department of Justice said the SSNDOB Marketplace websites have operated for years and generated more than $19 million in sales revenue.
The personal information hacked included the names, dates of birth and social security numbers of US citizens.
According to the statement, SSNDOB administrators advertised on darkweb criminal forums. To avoid detection, administrators used online nicknames to conceal their true identities, maintained servers in various countries, and forced buyers to use digital payment methods like bitcoin.
He said the international operation “to dismantle and seize this infrastructure” resulted from cooperation with law enforcement authorities in Cyprus and Latvia.