Largest U.S. Identity Theft Scheme Busted
Three individuals were indicted in what is believed to be the largest hacking and identity theft case ever prosecuted in the United States.
Three men were indicted on Monday in what is believed to be the largest identity theft and hacking case ever prosecuted by the U.S. Department of Justice, according to a release by the U.S. District Attorney's Office in New Jersey . The men allegedly stole more than 130 million credit and debit card numbers.
One of the men, Alberto Gonzalez, is from Miami and has served as a government informant. Two unnamed Russian individuals were also indicted on charges related to five corporate data breaches from 2006 to 2008.
Those breaches stole numbers from the 7-Eleven Inc. and Hannaford Brothers Co., as well as Heartland Payment Systems. Two additional unnamed companies were targeted by the men, according to the U.S. attorney's office in New Jersey.
From Reuters :
Authorities also for the first time tied those cases to Gonzalez, who was arrested last year on suspicion of hacking into a restaurant chain's payment system.
Attorneys for Gonzalez were not available for comment.
Prosecutors said Gonzalez and the Russians, identified as "Hacker 1" and "Hacker 2", targeted large corporations by scanning the list of Fortune 500 companies and exploring corporate websites before setting out to identify vulnerabilities.
A year ago, Gonzalez was indicted along with 10 others from five countries on accusations of stealing 41 million credit and debit card numbers from major retailers, including TJX Cos. Inc. (TJX.N ), owner of the TJ Maxx and Marshall's retail chains. Prosecutors said that ring caused more than $400 million in damages.
Prosecutors said Gonzalez and the other two men used numerous techniques to penetrate the computer systems.
Upon stealing the card numbers, Gonzalez and the others allegedly sought to sell the data to others who would make fraudulent purchases, withdrawals, and "further identity theft schemes." The defendants are charged with conspiracy to gain unauthorized access to computers, commit fraud in connection with computers, and damage computers. They each face up to 35 years in prison.