The FBI has linked a hacker said to be in part behind the plundering of 1.2 billion credentials from some 420,000 websites to the handle "Mr Grey".
The hack as reported by The Registercould be one of the biggest data theft hauls in history.
The US agency linked the hacker to the handle using open source data including email addresses posted to Russian crime forums and domain data.
Mr Grey, part of a group dubbed CyberVor, is said to used those boards to offer for sale information on any social media account including Facebook, Twitter, and Russia's VK, Reuters reports.
The papers released by a Milwaukee, Wisconsin court, show Mr Grey offered in 2011 to sell account information.
US police agencies did not comment on Grey.
The theft was revealed by Hold Security who at the time said attackers used bot-infected computers to find the 420,000 websites that were each vulnerable to SQL injection attacks.
The unnamed sites were flagged up to the malware's masters who then returned to harvest sensitive data from vulnerable servers.
The south central Russian group hauled in a staggering 4.5 billion credentials, whittled down to 1.2 billion pairs when duplicates were removed. There were 542 million unique email addresses among the cropped cache.
Hacked websites ranged from household names to small businesses located all over the world. ®