Feds fight biggest identity theft in history

A MAJOR HACKING RING is allegedly responsible for stealing and selling over 40 million payment card details.

Eleven suspects face charges of conspiracy, fraud and identity theft as part of the scheme.

The three main suspects are Albert 'Segvec' Gonzalez, Christopher Scott and Damon Patrick Toey who are in custody for allegedly hacking into the wireless computer networks of several major corporations.

Some of the US companies affected are OfficeMax, Barnes & Noble, Boston Market, Sports Authority, Forever 21, DSW, BJ's Wholesale Club and TJX Companies.

Sherry Lang of TJX says that, "With our customers always being our primary focus, TJX has gone to great lengths to secure its customers' data, however, broader action beyond retailers alone is required to protect consumer data. Banks and the US payment card industry must join retailers and work together, including installing the proven card security measures in the US that are already in use throughout much of the rest of the world."

All companies involved have apparently cooperated with investigations in order to help their customers – as expected.

All of the three main suspects were apprehended by authorities while on holiday. Gonzalez is in federal custody while Suvorov and Yastremskiy await extradition from Germany and Turkey.

This huge investigation also involved numerous US federal law enforcement agencies including the Justice Department, the Internal Revenue Service and the Secret Service.

As this scheme was going on all over the world it was hard to track down information and the US Secret Service says that "it was three investigations going on in three US attorneys offices that were eventually coordinated, and it was realised it was one ring of people who were involved in this."

The SS also explains that "with the worldwide reach of the Internet, criminals can now operate from almost anywhere on the globe to steal personal information from … almost anywhere on the globe, in particular from our citizens. When they do, there are international online marketplaces where they can peddle that stolen information."

The prosecution claims that, once the suspects gained access to the sites they wanted, they installed 'sniffer' programs which collect digital information such as passwords and account numbers. They then stored this on encrypted servers in Eastern Europe and sold it there as well as in the US.

Attorney General Michael Mukasey said today at a news conference in Boston, "As far as we know, this is the single largest and most complex identity theft case that's ever been charged in this country." µ

L'Inq
ABC News