Man Stole 130m Credit and Debit Card Numbers

Posted: August 17, 2009 in Exploits, Hacking and Security
Tags: , , , , , ,

The illusion of security….

US prosecutors have charged a man with stealing data relating to 130 million credit and debit cards.

Officials say it is the biggest case of identity theft in American history.

They say Albert Gonzales, 28, and two unnamed Russian co-conspirators hacked into the payment systems of retailers, including the 7-Eleven chain.

Prosecutors say they aimed to sell the data on. If convicted, Mr Gonzales faces up to 20 years in jail for wire fraud and five years for conspiracy.

He would also have to pay a fine of $250,000 (£150,000) for each of the two charges.

Mr Gonzales used a complicated technique known as an “SQL injection attack” to penetrate networks’ firewalls and steal information, the US Department of Justice said.

His corporate victims included Heartland Payment Systems – a card payment processor, convenience store 7-Eleven and Hannaford Brothers, a supermarket chain, the DOJ said.

According to the indictment, the group researched the credit and debit card systems used by their victims, attacked their networks and sent the data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine.

The data could then be sold on, enabling others to make fraudulent purchases, it said.

Mr Gonzales is already in custody on separate charges of hacking into the computer system of a national restaurant chain.

This latest case will raise fresh concerns about the security of credit and debit cards used in the United States, the BBC’s Greg Wood reports.

Source

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s