Authorities have charged four men, including two Russians, for hacking into the computer systems at Yahoo and stealing personal information.

The two Russians, Dmitry Dokuchaev and Igor Sushchin, work for Russia’s Federal Security Service (FSB), the successor of the KGB. Latvian Alexsey Belan, who is also on the FBI’s most wanted list, also received charges along with Karim Baratov, who was born in Kazakhstan and holds Canadian citizenship.

Canadian authorities arrested Baratov on Tuesday.

The authorities stated that Dokuchaev and Sushchin “protected, directed, facilitated and paid criminal hackers to collect information through computer intrusions in the United States and elsewhere.” The Department of Justice continued:

They worked with co-conspirators Alexsey Belan and Karim Baratov to hack into computers of American companies providing email and internet-related services, to maintain unauthorized access to those computers and to steal information, including information about individual users and the private contents of their accounts.

The defendants targeted Yahoo accounts of Russian and U.S. government officials, including cyber security, diplomatic and military personnel. They also targeted Russian journalists; numerous employees of other providers whose networks the conspirators sought to exploit; and employees of financial services and other commercial entities.

Belan has a reputation “for hacking U.S. e-commerce companies.” In the Yahoo attacks, Belan used “spam campaigns, searched user communications for credit card and gift card numbers and other schemes.”

Russian authorities arrested Dokuchaev in December, but agreed to work with “the FSB to avoid prosecution for bank card fraud.”

Dokuchaev and his superior Sushchin used Belan instead of detaining him. The U.S. and Russia do not have an extradition treaty, which means these three men need to travel to a country that has a treaty with the U.S.

That almost happened in 2013 when Greece authorities detained Belan, but he managed to escape to Russia.

Verizon wanted to buy Yahoo before the company disclosed the breaches, but the deal will continue at a discounted price.

Yahoo did report the 2014 hack in the fall of 2016. At that time, everyone called that breach “the largest data breach in history.” However, Yahoo disclosed another attack from 2013, larger than the 2014 attack.

No one knows if the two share a connection.