Washington - In the largest and most complex case of
identity theft in the United States, 11 people have been charged with
stealing more than 40 million debit and credit card numbers, the
Justice Department said Tuesday.
The indictments, by grand juries in Massachusetts, California, and
earlier in New York, charged three US citizens, and one person from
Estonia, three from Ukraine, two from China and one from Belarus with
crimes including identity theft, fraud and conspiracy. One person was
only known by an alias online.
The men used sophisticated computer hacking techniques, breached
security systems and installed programmes that collected large
quantities of personal financial data, which they then allegedly sold
to others or used themselves, Attorney General Michael Mukasey told a
news conference.
According to the Boston indictment, Albert Gonzalez and his co-
conspirators got the card numbers by 'wardriving' or hacking into the
wireless computer networks of major US retailers over a period of
five years. They installed 'sniffer' programmes to capture the card
numbers, password and account information.
The men concealed the data in encrypted computer servers that they
controlled in Eastern Europe and the US. They allegedly sold some of
the numbers on the internet.
The numbers that they didn't sell 'cashed out' by encoding the
card numbers on the magnetic strips of blank cards. The men then used
these cards to withdraw tens of thousands of dollars at a time from
ATMs, a Justice Department statement said.
The case demonstrates that computer crimes are not confined within
national borders.
'The people accused of carrying out this scheme worked out of
several different countries, and targeted retail operations without
regard to jurisdiction. With the worldwide reach of the internet,
criminals can now operate from almost anywhere on the globe to steal
personal information from our citizens,' Mukasey said.
The men targeted at least nine major US retail corporations,
including the TJX Corporation, whose stores include Marshalls and TJ
Maxx; BJ's Wholesale Club; Barnes and Noble; Sports Authority; Office
Max and DSW shoe stores.
'This case highlights our increasing vulnerability to the theft of
personal information. Computer networks and the internet are an
indispensable part of the world economy. But even as they provide
extraordinary opportunities for legitimate commerce and
communication, they also provide extraordinary opportunities for
criminals,' Mukasey said.
He did not say whether all the victims were aware their identities
had been stolen.
USA
Your Talkback on this Story