Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Information on the 2024 Campaign is available now.  Click here to find out more.

Roman Sergeevich Kotov

Roman Sergeevich Kotov

ALIASES: Роман Сергеевич Котов, “zSeven,” “7even”
DOB: June 18, 1981
NATIONALITY: Russia
CITIZENSHIP: Russia
HEIGHT: N/A
WEIGHT: N/A
HAIR COLOR: Brown/balding
EYE COLOR: Brown
U.S. SECRET SERVICE FIELD OFFICE: Newark / Headquarters – Cyber Investigative Section

CASE SUMMARY

The indictment in this matter alleges that, from at least August 2005 through on or about July 2012, Roman Kotov and other co-conspirators operated a prolific hacking organization that was responsible for several of the largest known data breaches. Among other exploits during that period, the defendants and their co-conspirators penetrated the secure computer networks of several of the largest payment processing companies, retailers, and financial institutions in the world, and stole the personal identifying information of others. 

In furtherance of these schemes, Kotov specialized in harvesting data from victim computer networks. Kotov would provide this harvested information to other co-conspirators, who subsequently penetrated the victim networks and exfiltrated data.

Conservatively, Kotov and his co-conspirators unlawfully acquired over 160 million credit card numbers as a result of their hacking activities. After acquiring this information, which the defendants referred to as "dumps" – hacker shorthand for card numbers and associated data, Kotov and his co-conspirators sold the dumps to "dumps resellers" around the world, who, in turn, sold them either through online forums or directly to other individuals and organizations.

As a result of this conduct, financial institutions, credit card companies, and consumers suffered hundreds of millions in losses, including losses in excess of $300 million by just three corporate victims, and immeasurable losses to the identity theft victims due to the costs associated with stolen identities and fraudulent charges.

The prosecution is being handled by the U.S. Attorney’s Office in New Jersey and the U.S. Department of Justice Criminal Division’s Computer Crime and Intellectual Property Section.

Relevant Links

The charges and allegations contained in the indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.

If you have information regarding this individual, please contact the U.S. Secret Service at MostWanted@usss.dhs.gov.