Hacker indicted for massive attack on US retail/banking networks; 130m cards at risk

	\| Click for the Finfacts Ireland Portal Homepage \| <script language="javascript" src="http://adserver.adtech.de/addyn\|3.0\|257\|1057011\|0\|1\|ADTECH;loc=700;target=_blank;key=key1+key2+key3+key4;grp=1054"></script><noscript><a href="http://adserver.adtech.de/adlink\|3.0\|257\|1057011\|0\|1\|ADTECH;loc=300;key=key1+key2+key3+key4;grp=1054" target="_blank"><img src="http://adserver.adtech.de/adserv\|3.0\|257\|1057011\|0\|1\|ADTECH;loc=300;key=key1+key2+key3+key4;grp=1054" border="0" width="468" height="60"></a></noscript>

Finfacts Business News Centre

Home


	News
	Irish
	Irish Economy
	EU Economy
	US Economy
	UK Economy
	Global Economy
	International
	Property
	Innovation

	Analysis/Comment

	Asia Economy

RSS FEED

How to use our RSS feed

See Search Box lower down this column for searches of Finfacts news pages. Where there may be the odd special character missing from an older page, it's a problem that developed when Interactive Tools upgraded to a new content management system.

Welcome

Finfacts is Ireland's leading business information site and you are in its business news section.

We provide access to live business television and business related videos from: Bloomberg TV; The Wall Street Journal; CNBC and the Financial Times. Click image:

Links

Global Income Per Capita

Global Cost of Living

Irish Tax 2008

Climate Change Reports

Global News

Newspapers

Search Finfacts News Pages

Content Management by interactivetools.com.

News : International

Last Updated: Aug 19, 2009 - 8:07:58 AM

Hacker indicted for massive attack on US retail/banking networks; 130m cards at risk
By Finfacts Team
Aug 18, 2009 - 4:26:00 AM

Email this article
Printer friendly page

The US Department of Justice announced on Monday that Albert Gonzalez, 28, of Miami, Florida, was indicted for conspiring to hack into computer networks supporting major American retail and financial organisations, and stealing data relating to more than 130 million credit and debit cards.

In a two-count indictment alleging conspiracy and conspiracy to engage in wire fraud, Gonzalez, also known as (AKA) "segvec," "soupnazi" and "j4guar17," was charged, along with two unnamed co-conspirators, with using a sophisticated hacking technique called an "SQL injection attack," which seeks to exploit computer networks by finding a way around the network’s firewall to steal credit and debit card information. Among the corporate victims named in the indictment are Heartland Payment Systems, a New Jersey-based card payment processor; 7-Eleven Inc., a Texas-based nationwide convenience store chain; and Hannaford Brothers Co., a Maine-based supermarket chain.

The indictment, which details the largest alleged credit and debit card data breach ever charged in the United States, alleges that beginning in October 2006, Gonzalez and his co-conspirators researched the credit and debit card systems used by their victims; devised a sophisticated attack to penetrate their networks and steal credit and debit card data; and then sent that data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine. The indictment also alleges Gonzalez and his co-conspirators also used sophisticated hacker techniques to cover their tracks and to avoid detection by anti-virus software used by their victims.

If convicted, Gonzalez faces up to 25 years in prison, as well as a fine of $250,000 for each charge.

Gonzalez is currently in federal custody. In May 2008, the US Attorney’s Office for the Eastern District of New York charged Gonzalez for his alleged role in the hacking of a computer network run by a national restaurant chain. Trial on those charges is scheduled to begin in New York next month.

In August of 2008, the Justice Department announced an additional series of indictments against Gonzalez and others for a number of retail hacks affecting eight major retailers and involving the theft of data related to 40 million credit cards. Those charges were filed in the District of Massachusetts. Gonzalez is scheduled for trial on those charges in 2010.

The charges announced Monday relate to a different pattern of hacking activity that targeted different corporate victims and involved different co-conspirators.

The Heartland breach exposed a weakness in US credit card payment processing compared with Europe, Avivah Litan, a security analyst at US IT research firm Gartner told the Financial Times. While most European issuers have upgraded to a chip-and-pin system, the US relies on data carried in less-secure magnetic stripes.

An estimated 20 per cent of the cards in the the Heartland theft were issued in Europe, with 13 million coming from one UK card issuer, Litan said.

Related Articles

Facebook files for an IPO; Claims 845m users

Finland's Nokia reports big loss in 2011

Apple, the iEconomy, globalization and manufacturing outside the United States

Apple reports quarterly profit of $13.1bn - - one of the biggest in US corporate history

Google fourth-quarter earnings disappoint

Three of the biggest names in US tech sector - - Intel, Microsoft an IBM - - grew more slowly in the latest quarter

US multinationals' R&D hiring jumps in Asia; US lost more than quarter of high tech manufacturing jobs since 2000

How serious is China's challenge to America's technology lead? Chinese to land on the moon, Americans on an asteroid

Hewlett-Packard posts 91% plunge in fourth-quarter profits

Markets News: Japan's industrial output dipped in September; Hewlett-Packard to keep its PC unit