Guccifer

Lazăr is of Romanian and Hungarian ancestry.^[5] He lived in the village of Sâmbăteni, part of the Păuliș commune, to the east of Arad, Romania.^[5]

Lazăr has said that his pseudonym Guccifer is a portmanteau of "Gucci" and "Lucifer" (a reference, he says, to "the style of Gucci and the light of Lucifer").^[6]

Lazăr had no particular computer expertise, but instead used patience and persistence to obtain private information.^[5] Lazăr had "no fancy equipment, only a clunky NEC desktop and a Samsung cellphone, and no special skills beyond what he had picked up on the web."^[5] He used the simple technique of finding information about his victims online and then using this to guess the correct answers to security questions.^[5] At the time of his arrest in 2014, Lazăr was an unemployed taxi driver.^[5]

Lazăr later hacked Colin Powell's website and accessed years' worth of his correspondence from another AOL account. The correspondence included personal financial information as well as e-mails to George Tenet, Richard Armitage, and John Negroponte.^[7] Through six months of trial and error, Lazăr guessed the password of Romanian politician Corina Crețu and gained access to her correspondence with Powell.^[5]

The hacker also targeted U.S. Senator Lisa Murkowski; a senior UN official; members of the Rockefeller family; former FBI and Secret Service agents,^[8] as well as the brother of Barbara Bush, CBS sportscaster Jim Nantz, and former Miss Maine Patricia Legere.^[9]

On March 20, 2013, USA Today reported that Lazăr had successfully hacked the e-mail account of Sidney Blumenthal, a former aide to former president Bill Clinton.^[10] He distributed private memos from Blumenthal to Secretary of State Hillary Clinton involving recent events in Libya, including the September 11, 2012 Benghazi attack.^[11] Before distributing the memos, he copied and pasted the text into his own new documents, then reformatted them with pink backgrounds and Comic Sans font.^[11] The hacker's IP address was traced to Russia, however there was no certainty as to whether this was his actual location or whether he had used a proxy to hide his true location.^[12]

In early May 2013, Lazăr hacked into online accounts owned by two members of the Council on Foreign Relations, as well as accounts owned by Adam Posen and his wife and another owned by a former Federal Reserve Board official.^[13]

TSG reported on May 7, 2013, that Lazăr had hacked the Twitter feed and e-mail account of Sex and the City author Candace Bushnell.^[13] Bushnell spent several hours fighting for control of the accounts, while Lazăr publicly posted portions of an unpublished manuscript to Bushnell's Twitter feed. Lazăr sent an e-mail to TSG claiming responsibility for the hack using the AOL account of actor Rupert Everett.^[13]

On 22 January 2014, Lazăr, then age 40, was arrested by the Romanian law enforcement agency DIICOT (the Department of Investigation of Organized Crime and Terrorism Offenses, Direcția de Investigare a Infracțiunilor de Criminalitate Organizată și Terorism) at his home in Sâmbăteni, Arad County.^[14][15]

In 2014, a Romanian court sentenced Lazăr to four years in jail for accessing email accounts of public figures "with the aim of getting ... confidential data."^[16]

Lazăr had already had a police record in Romania, having been arrested and convicted there in 2011 for "hacking into the email accounts of Romanian starlets and other celebrities" under the pseudonym Micul Fum ("Little Smoke").^[5] He was serving a separate three-year sentence in Romania for those crimes.^[16]

In an interview with the New York Times in November 2014 conducted while Lazăr was imprisoned in the Arad Penitentiary, the hacker "read out a lengthy handwritten statement that he said explained the purpose of his hacking," which included "a potpourri of conspiracy theories about the terrorist attacks of September 11, 2001, the 1997 death of Princess Diana and alleged plans for a nuclear attack in Chicago in 2015."^[5] Lazăr claimed that the world is run by the Illuminati and a cabal of others.^[5]

On June 12, 2014, Lazăr was indicted by a federal grand jury in the United States District Court for the Eastern District of Virginia in Alexandria, Virginia, on nine charges: three counts of wire fraud, three counts of gaining unauthorized access to protected computers, and one count each of aggravated identity theft, cyberstalking and obstruction of justice.^[16][17][18]

The indictment alleged that:

From December 2012 to January 2014, [Lazăr] hacked into the email and social media accounts of high-profile victims, including a family member of two former U.S. presidents, a former U.S. Cabinet member, a former member of the U.S. Joint Chiefs of Staff and a former presidential advisor. After gaining unauthorized access to their email and social media accounts, [Lazăr] publicly released his victims' private email correspondence, medical and financial information, and personal photographs. The indictment also alleges that in July and August 2013, [Lazăr] impersonated a victim after compromising the victim's account.^[18]

In March 2016, Romania approved an 18-month temporary extradition to the United States, and Lazăr was surrendered to U.S. authorities.^[16][17] Since his extradition, Lazăr has been detained at Alexandria City Jail^[19][20] in Alexandria, Virginia.^[12] He made his first U.S. court appearance on April 1, 2016.^[21]

In May 2016—one month after being extradited to the U.S., and while jailed in Virginia awaiting trial—Guccifer claimed to have repeatedly hacked Hillary Clinton's email server. This claim occurred in the midst of an ongoing FBI probe of Clinton's use of a private email server while serving as United States Secretary of State. Lazăr claimed that the server was "like an open orchid on the Internet"^[22] and that "it was easy ... easy for me, for everybody."^[12]

Lazăr provided no proof of his claim, and U.S. investigators found no evidence to support the claim.^[23][24][25] U.S. officials have also said that if Lazăr had obtained information from Clinton's servers, he would have publicly released such information, as he did when he obtained access to other high-profile individuals,^[25] such as Sidney Blumenthal^[26] and George W. Bush.^[27] According to an FBI report, Lazăr stated during interrogation that he had lied to FOX News when claiming he hacked Clinton's e-mail server, and investigators determined that although he may have attempted to access the server, no additional solid forensic evidence was found to tie Lazăr to this failed access attempt.^[28]

On May 25, 2016, Lazăr—then age 44—pleaded guilty in U.S. federal court to unauthorized access to a protected computer and aggravated identity theft as part of a plea agreement with federal prosecutors.^[29]

According to a Justice Department press release:

In a statement of facts filed with his plea agreement, [Lazăr] admitted that from at least October 2012 to January 2014, he intentionally gained unauthorized access to personal email and social media accounts belonging to approximately 100 Americans, and he did so to unlawfully obtain his victims' personal information and email correspondence. His victims included an immediate family member of two former U.S. presidents, a former member of the U.S. Cabinet, a former member of the U.S. Joint Chiefs of Staff and a former presidential advisor, he admitted. [Lazăr] admitted that in many instances, he publically [sic] released his victims’ private email correspondence, medical and financial information and personal photographs.^[29]

On September 1, 2016, U.S. District Judge James C. Cacheris sentenced Lazăr to 52 months in prison. The judge also stated that the Justice Ministry of Romania had made a request for Lazăr to be returned to Romania to complete his prison service there, before being conditionally released in 2018 and returned to America to serve his U.S. prison sentence.^[3] He was released from prison in August 2021.^[30]

• 2016 Democratic National Committee email leak
• Guccifer 2.0