The crucial point is FSB continued to use Belan rather than detaining him based on the Interpol Red Notice. Further, Belan used the stolen data to personally enrich himself, something FSB had to know. Thus FSB is essentially a criminal enterprise / national security agency, and it would not be outlandish to assume they were sharing in the proceeds.
FSB also of course used the hacked data to target people of interest to them,,]. If any of the targeted were dumb enough to use their Yahoo password on other accounts, then their job became so much easier. And I guarantee some of them did.
From the DoJ announcement:
Instead of acting on the U.S. government’s Red Notice and detaining Belan after his return, Dokuchaev and Sushchin subsequently used him to gain unauthorized access to Yahoo’s network. In or around November and December 2014, Belan stole a copy of at least a portion of Yahoo’s User Database (UDB), a Yahoo trade secret that contained, among other data, subscriber information including users’ names, recovery email accounts, phone numbers and certain information required to manually create, or “mint,” account authentication web browser “cookies” for more than 500 million Yahoo accounts.
The arrested are:
Dmitry Aleksandrovich Dokuchaev, 33, was an officer in the FSB Center for Information Security, aka “Center 18.” Dokuchaev was a Russian national and resident.
Igor Anatolyevich Sushchin, 43, was an FSB officer, a superior to Dokuchaev within the FSB, and a Russian national and resident. Sushchin was embedded as a purported employee and Head of Information Security at a Russian investment bank.
Alexsey Alexseyevich Belan, aka “Magg,” 29, was born in Latvia and is a Russian national and resident. U.S. Federal grand juries have indicted Belan twice before, in 2012 and 2013, for computer fraud and abuse, access device fraud and aggravated identity theft involving three U.S.-based e-commerce companies and the FBI placed Belan on its “Cyber Most Wanted” list. Belan is currently the subject of a pending “Red Notice” requesting that Interpol member nations (including Russia) arrest him pending extradition. Belan was also one of two criminal hackers named by President Barack Obama on Dec. 29, 2016, pursuant to Executive Order 13694, as a Specially Designated National subject to sanctions.
Karim Baratov, aka “Kay,” “Karim Taloverov” and “Karim Akehmet Tokbergenov,” 22. He is a Canadian and Kazakh national and a resident of Canada.