Ukraine probes teen suspect in cyber theft scheme targeting California online shoppers

Ukrainian authorities have identified an 18-year-old suspect allegedly linked to an international cybercrime operation that compromised nearly 30,000 customer accounts and targeted users of a U.S.-based online retailer, officials said.

The investigation began after U.S. authorities informed their Ukrainian counterparts that hackers operating from Ukraine could be involved in attacks targeting users of American e-commerce platforms, Ukraine's Prosecutor General said in a statement on Wednesday.

According to investigators, the group gained unauthorized access to tens of thousands of customer accounts belonging to an unnamed online retailer in California between 2024 and 2025.

Officials said the hackers later used at least 5,800 of the compromised accounts to make unauthorized purchases worth roughly $721,000, causing more than $250,000 in losses, including costs related to chargebacks.

The cybercriminals used info-stealing malware to infect devices and harvest login credentials and session data. Authorities allege the stolen information was later processed and sold through online platforms and Telegram channels.

Ukrainian law enforcement said they identified an 18-year-old resident of the southern city of Odesa who allegedly managed online infrastructure used to process, sell and exploit the stolen data. Investigators said he also used cryptocurrency services to conduct transactions with alleged accomplices.

Authorities conducted searches at two residences linked to the suspect and said they seized mobile phones, computers, bank cards and electronic storage devices.

Among the materials recovered were alleged credentials for platforms used to sell stolen data, email accounts linked to compromised users, server activity logs and cryptocurrency exchange account information.

Authorities did not identify the hacker group allegedly involved or specify which malware tools were used. Police had not responded to a request for comment at the time of publication.