Hey there, time traveller!
This article was published 25/7/2013 (1486 days ago), so information in it may no longer be current.
NEWARK, N.J. -- Four Russian nationals and a Ukrainian have been charged with running a sophisticated hacking organization that penetrated computer networks of more than a dozen major American and international corporations over seven years, stealing and selling at least 160 million credit and debit card numbers, resulting in losses of hundreds of millions of dollars.
Indictments were announced Thursday in Newark, where U.S. attorney Paul Fishman called the case the largest hacking and data-breach scheme ever prosecuted in the United States.
Princeton-based Heartland Payment Systems Inc., which processes credit and debit cards for small to mid-size businesses, was identified as taking the biggest hit in a scheme starting in 2007 -- the theft of more than 130 million card numbers at a loss of about $200 million.
Atlanta-based Global Payment Systems, another major payment-processing company, had nearly a million card numbers stolen, with losses of nearly $93 million, prosecutors said.
The indictment did not put a loss figure on the thefts at some other major corporations, including Commidea Ltd., a European provider of electronic payment-processing for retailers. The government said hackers in 2008 covertly removed about 30 million card numbers from its computer network.
About 800,000 card numbers were stolen in an attack on the Visa network, but the indictment did not cite any loss figure.
Not all the companies the hackers infected over the years with malicious computer software suffered financial losses. Customer log-in credentials were stolen from Nasdaq and Dow Jones Inc., the indictment said, though prosecutors said Nasdaq's securities-trading platform was not affected.
The indictment said the suspects sent each other instant messages as they took control of the corporate data, telling each other, for instance: "NASDAQ is owned." At least one man told others he used Google news alerts to learn whether his hacks had been discovered, according to the court filing.
The defendants were identified as Vladimir Drinkman, 32, of Syktyvkar, Russia, and Moscow; Aleksander Kalinin, 26, of St. Petersburg, Russia; Roman Kotov, 32, of Moscow; Dmitriy Smilianets, 29, of Moscow; and Mikhail Rytikov, 26, of Odessa, Ukraine.
Smilianets is in U.S. custody and was expected to appear in federal court next week. His New York-based lawyer, Bruce Provda, said Smilianets was in the U.S. "sightseeing" when he was arrested.
Drinkman is being held in the Netherlands pending extradition, prosecutors said. The other three defendants remain at large.
The prosecution builds on the 2009 case that resulted in a 20-year prison sentence for Albert Gonzalez of Miami, who often used the screen name "soupnazi" and is identified in the new complaint as an unindicted co-conspirator. Other unindicted co-conspirators were also named. In the Gonzalez case, which focused on the theft from Heartland, Kalinin and Drinkman were charged as "Hacker 1" and "Hacker 2."
Prosecutors identified the two as sophisticated hackers who specialized in penetrating the computer networks of multinational corporations, financial institutions and payment processors.
-- The Associated Press