US authorities unveiled charges against two Vietnamese nationals and one Canadian in connection with a computer fraud scheme to steal more than one billion email addresses

US authorities Friday unveiled charges against two Vietnamese nationals and one Canadian in connection with a computer fraud scheme to steal more than one billion email addresses.

The episode was the largest known data breach of names and email addresses and was the subject of a 2011 congressional inquiry, officials said.

Indictments in the case accuse two Vietnamese nationals of hacking into at least eight major email services from February 2009 to June 2012 and stealing the email addresses that were then used for various spam and marketing schemes.

The scheme netted at least $2 million from the marketing of various products and services, according to the US Justice Department.

Those charged with hacking were Viet Quoc Nguyen, 28, and Giang Hoang Vu, 25, both Vietnamese nationals.

The charges were unsealed following the arrest of David-Manuel Santos Da Silva, 33, of Montreal, Canada, who is accused of conspiracy to commit money laundering for helping Nguyen and Vu to generate revenue from the scheme and launder the proceeds.

"These men—operating from Vietnam, the Netherlands and Canada—are accused of carrying out the largest data breach of names and e-mail addresses in the history of the Internet," said Assistant Attorney General Leslie Caldwell.

The scheme sent millions of spam emails to the victims, some of them containing malware that allowed hackers to access their personal information

Da Silva was arrested last month at Fort Lauderdale International Airport and was to be arraigned Friday in Atlanta.

Vu was arrested in 2012 in the Netherlands and extradited to the United States in March 2014.

Last month, he pleaded guilty to conspiracy to commit computer fraud and is to be sentenced on April 21, officials said. Nguyen remains a fugitive.

Hijacking marketing platforms

"This case reflects the cutting-edge problems posed by today's cybercrime cases, where the hackers didn't target just a single company; they infiltrated most of the country's email distribution firms," said Acting US Attorney John Horn in Atlanta.

"And the scope of the intrusion is unnerving, in that the hackers didn't stop after stealing the companies' proprietary data—they then hijacked the companies' own distribution platforms to send out bulk emails and reaped the profits from email traffic directed to specific websites."

According to investigators, Da Silva owned 21 Celsius Inc., a Canadian corporation that ran Marketbay.com, which he used to help generate revenue from the data thefts.

Nguyen received a commission on sales generated from Internet traffic that he directed to websites promoting specific products, officials said.

The indictment against the two Vietnamese nationals was returned in 2012 charging them with wire fraud, conspiracy and computer fraud.

The second indictment this week charges Da Silva with money laundering conspiracy with the two others, saying he was aware of their unlawful activities.

Da Silva "knew that Nguyen was spamming to stolen email addresses in order to direct high volumes of Internet traffic to his affiliate marketing websites," the indictment said.

The scheme sent millions of spam emails to the victims, some of them containing malware that allowed hackers to access their personal information.