18 December 2017
visit www.aciworldwide.com

Nasdaq and major banks the victims as five indicted for largest known cyber breach

26 July 2013  |  8483 views  |  0 Spiders computer virus

US lawmakers have charged five men with conspiring in a worldwide hacking and data breach scheme that targeted major corporate networks, stole more than 160 million credit card numbers and resulted in hundreds of millions of dollars in losses.

Over a seven-year period the alleged conspirators successfully penetrated the networks of major banks - including Citibank and PNC - the Nasdaq stock market, and payment processors and corporate giants such as 7-eleven. Just three of the corporate victims reported more than $300 million in losses as a result of the spree.

The alleged ringleaders, Aleksandr Kalinin and Vladimir Drinkman were previously arraigned in New Jersey as 'Hacker 1' and 'Hacker 2' in a 2009 indictment charging Albert Gonzalez, 32, of Miami, in connection with five corporate data breaches - including the massive attack on Heartland Payment Systems. Gonzalez is currently serving 20 years in federal prison for those offenses.

US attorneys in New York have unsealed two additional indictments against Kalinin: one charges him in connection with hacking certain computer servers used by Naasdaq and another with an international scheme to steal bank account information by hacking US-based financial institutions.

According to court documents, Kalinin and Drinkman and three other defendants allegedly pilfered 160 million card numbers, and associated user names and passwords, which they then sold on through the criminal underworld, charging $10 for each stolen American credit card number and associated data, $15 for Canadian cardholders and $50 for European cards - offering discounted pricing to bulk and repeat customers.

Court documents allege that the initial entry was often gained using a SQL injection attack. Once the network was infiltrated, the defendants allegedly placed malicious code, or malware, on the system. The defendants allegedly had malware implanted in multiple companies' servers for more than a year.

If convicted, the maximum penalties for the charged counts are: five years in prison for conspiracy to gain unauthorized access to computers; 30 years in prison for conspiracy to commit wire fraud; five years in prison for unauthorized access to computers; and 30 years in prison for wire fraud.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Nasdaq bulletin boards breached by hackers

Nasdaq bulletin boards breached by hackers

18 July 2013  |  6189 views  |  0 comments | 3 tweets | 4 linkedin
Exchange data highlights systemic threat from cyber attacks

Exchange data highlights systemic threat from cyber attacks

16 July 2013  |  6386 views  |  0 comments | 2 tweets
UK banks spooked more by cybercrime than economic slump

UK banks spooked more by cybercrime than economic slump

12 June 2013  |  10879 views  |  0 comments | 8 tweets | 9 linkedin
Corporate data breaches increasingly correlated with consumer fraud reports

Corporate data breaches increasingly correlated with consumer fraud reports

07 June 2013  |  5473 views  |  0 comments | 5 tweets | 1 linkedin
Full extent of FIS data breach comes to light

Full extent of FIS data breach comes to light

04 June 2013  |  14703 views  |  0 comments | 10 tweets | 9 linkedin
Indian processors fingered over $45m ATM heists

Indian processors fingered over $45m ATM heists

13 May 2013  |  8853 views  |  1 comments | 7 tweets | 4 linkedin
US supermarket data breach exposes 2.4m cards

US supermarket data breach exposes 2.4m cards

16 April 2013  |  10345 views  |  3 comments | 13 tweets | 5 linkedin
Crooks steal $11m in ATM heists; 18 accused of £200m card fraud

Crooks steal $11m in ATM heists; 18 accused of £200m card fraud

06 February 2013  |  7083 views  |  0 comments | 7 tweets
South Carolina admits security failings in massive data breach case

South Carolina admits security failings in massive data breach case

22 November 2012  |  5334 views  |  0 comments | 7 tweets | 2 linkedin
Global Payments breach extends to merchant accounts

Global Payments breach extends to merchant accounts

13 June 2012  |  6428 views  |  0 comments
Global Payments hit by 'massive' breach

Global Payments hit by 'massive' breach

30 March 2012  |  12259 views  |  0 comments
Morgan Stanley warns customers of data breach

Morgan Stanley warns customers of data breach

06 July 2011  |  7335 views  |  3 comments
Citi hackers steal $2.7m

Citi hackers steal $2.7m

27 June 2011  |  12416 views  |  1 comments
Citi raises the numbers hit by data breach

Citi raises the numbers hit by data breach

16 June 2011  |  8921 views  |  0 comments
Hackers hit Citi card customers

Hackers hit Citi card customers

09 June 2011  |  8938 views  |  0 comments
Crisis at Sony deepens as second breach hits 25 million accounts

Crisis at Sony deepens as second breach hits 25 million accounts

03 May 2011  |  7189 views  |  0 comments

Related company news

 
visit www.response.ncr.comvisit www.ebaday.comvisit www.niceactimize.com

Top topics

Most viewed Most shared
satelliteRipple completes XRP Lockup
11241 views comments | 3 tweets | 3 linkedin
Banks tap Ethereum smart contracts for MiFID II complianceBanks tap Ethereum smart contracts for MiF...
10164 views comments | 21 tweets | 23 linkedin
Banks and fintech startups join forces on blockchain-based supply chain pilotBanks and fintech startups join forces on...
7771 views comments | 19 tweets | 22 linkedin
Digital banking startup Loot secures £2.2 million seed roundDigital banking startup Loot secures £...
7432 views comments | 5 tweets | 11 linkedin
Nordea takes Open APIs into live productionNordea takes Open APIs into live productio...
7396 views comments | 6 tweets | 26 linkedin

Featured job

Competitive
Germany, Austria or Switzerland

Find your next job