An indictment came down last summer for what’s being
called one of the biggest data theft operations in U.S. and international
history, as four Russian men and one Ukrainian man were charged in a sophisticated
hacking scheme that may cost its victims hundreds of millions – or even
billions – of dollars. The men stole
data that included over 160 million credit card numbers from multinational
corporations like Visa, J.C.Penny, JetBlue, 7-Eleven, and even NASDAQ, selling
the information on the black market and defrauding countless consumers.
The men utilized custom malware and hacking tools to get
on the corporate networks and rip blocks of credit card numbers, security info,
and other private date, referred to as “dumps.”
They’d then sell the dumps to data theft wholesalers – or resellers –
who resold it to individual buyers, called “cashers,” who would use the cards
to make fraudulent purchases or withdraw funds. According to the indictment, U.S. credit
card data would cost $10 each while Canadian cards went for $15 and European
bank or credit card access $50.
Their criminal ring took place from 2005 until 2012 where
they tapped into computer networks of at least 17 payment companies, financial
institutions, and retailers to get the credit card and debit card
information. The companies are still
trying to add up their staggering losses, possibly in excess of $300 million
for some of them. The men are looking at
a long paid vacation behind bars, but still the damage has been done.
The scariest thing is that this kind of data and financial
theft is not rare – online fraud and data piracy is the fastest growing branch
of any crime, so prevalent that it’s highly recommended computer users and
online shoppers take proactive measures to protect their financial data, their identity,
and their credit scores.
Let’s look a few of the other biggest data thefts in U.S.
history:
U.S. Veterans Affairs - $25-$30 million
In 2006, the names, birth dates, and social security numbers of
17.5 million veterans were pirated from a single laptop that a Department of
Veterans Affairs worker had taken home for the evening, That one leak cost the VA an estimated
$25-$30 million dollars if you add up the cost to fix the problem with
reimbursements, call centers, mailing warnings, credit monitoring services for
the victims, and other “clean up” well over $20 million dollars and
counting. The lesson? Never take your work home.
Heartland Payment Systems - $140 million
This major payment-processing center was the victim of a
cyber crime in 2008 that saw the loss of 100 million credit and debit
cards. A lone hacker from Miami, Albert
Gonzalez, was apprehended, arrested, and sentenced to 20 years in Federal
prison as the ringleader of the operation that defrauded TJX, 7-Eleven, and the
grocery chain Hannaford Bros. Heartland
ended up paying out $140 in fines and restitution.
TJX – $256 million or more
Speaking of Inmate Albert Gonzalez, the same man was a
major player in 2007’s data heist at TJX, the retailer that has TJ Maxx and Marshalls
under its umbrella. Data hackers and
Gonzalez stole about 45 million credit and debit card numbers that they used to
buy millions of dollars worth of electronics from Wal-Mart and other
chains. The crime cost the company about
$25 million in direct costs but the real price tag to consumers and insurance
claimants stands to be over $250 million.
Epsilon - ???
The Dallas Marketing firm Epsilon was hacked for millions of
names and e-mail addresses in 2011, which the criminal ring used to acquire
sensitive financial data from consumers.
The information featured lists from banks and retailers like Best Buy,
JPMorgan, TiVo, Walgreen, and Kroger.
The stolen data is still being rounded up and the damage assessed and
addressed, so risk analysts estimate the total bill to be anywhere from $225
million dollars to upward of #4 billion once the dust settles.
No comments:
Post a Comment