The son of a Russian lawmaker was sentenced on Friday (local time) by a US federal court to 27 years in prison after being convicted of a cyber assault on thousands of US businesses, marking the longest ever hacking-related sentence in the United States.
Roman Seleznev (32) was found guilty last year by a jury in Seattle of perpetrating a scheme that prosecutors said involved hacking into point-of-sale computers to steal credit card numbers and caused $US169 million ($NZ240m) in losses to US firms.
The Russian government has maintained that his arrest in 2014 in the Maldives was illegal. It issued a statement on Friday criticising the sentence and said it believed Seleznev's lawyer planned to appeal.
“We continue to believe that the arrest of the Russian citizen Roman Seleznev who de facto was kidnapped on the territory of a third country is unlawful," the Russian Embassy in Washington said in a post on its Facebook page.
Seleznev is the son of Valery Seleznev, a member of the Russian parliament. The sentence was imposed by Judge Richard A. Jones of the Western District of Washington.
His conviction followed a decade-long investigation by the US Secret Service, the Department of Justice said in a press release.
Prosecutors said that from October 2009 to October 2013 Seleznev stole credit card numbers from more than 500 US businesses, transferred the data to servers in Virginia, Russia and the Ukraine and eventually sold the information on criminal "carding" websites.
Seleznev faces separate charges pending in federal courts in Nevada and Georgia.
His lawyer did not immediately respond to a request for comment.
A federal grand jury in Connecticut returned an eight-count indictment charging a Russian national who was arrested earlier this month with operating the Kelihos botnet, a global network of tens of thousands of infected computers, the US Justice Department said on Friday.