Hacker indicted for massive attack on US retail/banking networks; 130m cards at risk

	\| Click for the Finfacts Ireland Portal Homepage \| <script language="javascript" src="http://adserver.adtech.de/addyn\|3.0\|257\|1057011\|0\|1\|ADTECH;loc=700;target=_blank;key=key1+key2+key3+key4;grp=1054"></script><noscript><a href="http://adserver.adtech.de/adlink\|3.0\|257\|1057011\|0\|1\|ADTECH;loc=300;key=key1+key2+key3+key4;grp=1054" target="_blank"><img src="http://adserver.adtech.de/adserv\|3.0\|257\|1057011\|0\|1\|ADTECH;loc=300;key=key1+key2+key3+key4;grp=1054" border="0" width="468" height="60"></a></noscript>

Finfacts Business News Centre

Home


	News
	Irish
	European
	International

	Analysis/Comment

RSS FEED

How to use our RSS feed

See Search Box lower down this column for searches of Finfacts news pages. Where there may be the odd special character missing from an older page, it's a problem that developed when Interactive Tools upgraded to a new content management system.

Welcome

Finfacts is Ireland's leading business information site and you are in its business news section.

We provide access to live business television and business related videos from: Bloomberg TV; The Wall Street Journal; CNBC and the Financial Times. Click image:

Links

Global Income Per Capita

Global Cost of Living

Irish Tax 2008

Climate Change Reports

Global News

Newspapers

Search Finfacts News Pages

Content Management by interactivetools.com.

News : International

Last Updated: Aug 19, 2009 - 8:07:58 AM

Hacker indicted for massive attack on US retail/banking networks; 130m cards at risk
By Finfacts Team
Aug 18, 2009 - 4:26:00 AM

Email this article
Printer friendly page

The US Department of Justice announced on Monday that Albert Gonzalez, 28, of Miami, Florida, was indicted for conspiring to hack into computer networks supporting major American retail and financial organisations, and stealing data relating to more than 130 million credit and debit cards.

In a two-count indictment alleging conspiracy and conspiracy to engage in wire fraud, Gonzalez, also known as (AKA) "segvec," "soupnazi" and "j4guar17," was charged, along with two unnamed co-conspirators, with using a sophisticated hacking technique called an "SQL injection attack," which seeks to exploit computer networks by finding a way around the network’s firewall to steal credit and debit card information. Among the corporate victims named in the indictment are Heartland Payment Systems, a New Jersey-based card payment processor; 7-Eleven Inc., a Texas-based nationwide convenience store chain; and Hannaford Brothers Co., a Maine-based supermarket chain.

The indictment, which details the largest alleged credit and debit card data breach ever charged in the United States, alleges that beginning in October 2006, Gonzalez and his co-conspirators researched the credit and debit card systems used by their victims; devised a sophisticated attack to penetrate their networks and steal credit and debit card data; and then sent that data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine. The indictment also alleges Gonzalez and his co-conspirators also used sophisticated hacker techniques to cover their tracks and to avoid detection by anti-virus software used by their victims.

If convicted, Gonzalez faces up to 25 years in prison, as well as a fine of $250,000 for each charge.

Gonzalez is currently in federal custody. In May 2008, the US Attorney’s Office for the Eastern District of New York charged Gonzalez for his alleged role in the hacking of a computer network run by a national restaurant chain. Trial on those charges is scheduled to begin in New York next month.

In August of 2008, the Justice Department announced an additional series of indictments against Gonzalez and others for a number of retail hacks affecting eight major retailers and involving the theft of data related to 40 million credit cards. Those charges were filed in the District of Massachusetts. Gonzalez is scheduled for trial on those charges in 2010.

The charges announced Monday relate to a different pattern of hacking activity that targeted different corporate victims and involved different co-conspirators.

The Heartland breach exposed a weakness in US credit card payment processing compared with Europe, Avivah Litan, a security analyst at US IT research firm Gartner told the Financial Times. While most European issuers have upgraded to a chip-and-pin system, the US relies on data carried in less-secure magnetic stripes.

An estimated 20 per cent of the cards in the the Heartland theft were issued in Europe, with 13 million coming from one UK card issuer, Litan said.

Related Articles

iTunes store tops 10 billion songs sold; Apple has 70% of digital music market and 25% of total music market

Hackers in Europe and China broke into computers at about 2,500 companies and government agencies over the last 18 months

Hewlett-Packard reports quarterly profit jumped 25%

Microsoft reports 14% rise in quarterly revenues - - 60% profit jump; Amazon posts blowout quarter with sales increasing 42% and earnings surging 71%

Apple launches the iPad

Apple reports blowout fiscal 2010 first quarter; Jobs says annualising quarterly revenue, tech leader is now $50+ billion company

Google reports strong fourth quarter revenue and earnings; Signalls wish to remain in China

New President of American Chamber of Commerce in Ireland says Government must lead Ireland in a process of reinvention and transformation

Intel reports blowout fourth quarter with net income up 875%

Worldwide PC shipments in Q4 2009 posted strongest growth rate in seven years