Sign up for our newsletter
Technology / Cybersecurity

US charges five men in $300m hacking and data breach

Federal prosecutors in the US have charged five men responsible for a global hacking and data breach scheme, which cost companies over $300m.

Hackers stole over 160 million credit card numbers and conspired with others to penetrate the computer networks of several of the largest payment processing companies, retailers and financial institutions globally.

The companies targeted by the hackers include NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard.

The US Department of Justice (US DOJ) however said that the NASDAQ hack did not affected its trading platform.

White papers from our partners

Hackers took user names and passwords, means of identification, credit and debit card numbers and other personal identification information of cardholders.

The USDOJ said the initial entry was gained using a SQL injection attack and hackers identified vulnerabilities in SQL databases and used those to infiltrate a computer network.

New Jersey US Attorney Paul Fishman said this type of crime is the cutting edge.

"Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy, and our national security," Fishman said.

"And this case shows there is a real practical cost because these types of frauds increase the costs of doing business for every American consumer, every day. We cannot be too vigilant and we cannot be too careful."

DOJ’s criminal division acting assistant attorney general Mythili Raman said: "The defendants charged today were allegedly responsible for spearheading a world-wide hacking conspiracy that victimised a wide array of consumers and entities, causing hundreds of millions of dollars in losses."
This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.