11 charged with massive ID theft

11 charged with massive ID theft

41 million credit card numbers allegedly stolen in global ring; local firms affected

By David Abel and Jenn Abelson, Globe Staff | August 6, 2008 A ring of people spread across the globe hacked into nine major US companies and stole and sold more than 41 million credit and debit card numbers from 2003 to 2008, costing the companies and individuals hundreds of millions of dollars, federal law enforcement officials said yesterday.

"So far as we know, this is the single largest and most complex identity theft case ever charged in this country," US Attorney General Michael Mukasey said at a news conference at the John Joseph Moakley US Courthouse in Boston.

A grand jury indictment released yesterday charged that Albert "Segvec" Gonzalez of Miami, the alleged ringleader, and his 10 conspirators cruised around with a laptop computer and tapped into accessible wireless networks.

They then hacked into the networks of TJX, BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Dave & Buster's, Sports Authority, Forever 21, and DSW. After gaining access to the systems, they installed programs that captured card numbers, passwords, and account information, officials said.

In addition to Gonzalez, two other Miami residents were charged in Boston and eight other alleged conspirators were charged in San Diego. The defendants - one from Estonia, three from Ukraine, two from China, one from Belarus, and one of unknown origin - allegedly concealed the data in encrypted computer servers they controlled in Europe and the United States. They sold some of the numbers, via the Internet, to other criminals, authorities alleged.

The suspected hackers also encoded some of the stolen numbers on the magnetic strips of blank credit or debit cards, which were then used to withdraw tens of thousands of dollars from ATM machines, officials said.


formatting link

Reply to
Monty Solomon
Loading thread data ...

[IMO], we have here nine very negligent businesses, (many [with] Big Names). Running an "open" wireless access point anytime after 2003 should be criminal negligence if it results in payment card data being stolen.
Reply to
Herb Oxley

Back at my prior place of employment it was decided that we should roll out wireless access in the library and in the public information office.

We used a Linux distro to both firewall and limit the bandwidth available to those devices. The throughput out the back of the firewall/throttle was 384kbps.

Worked beautifully. We also changed all the public workstations from Windows 2000 to Ubuntu.

Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.