19 August 2017
visit www.avoka.com

Nasdaq and major banks the victims as five indicted for largest known cyber breach

26 July 2013  |  8384 views  |  0 Spiders computer virus

US lawmakers have charged five men with conspiring in a worldwide hacking and data breach scheme that targeted major corporate networks, stole more than 160 million credit card numbers and resulted in hundreds of millions of dollars in losses.

Over a seven-year period the alleged conspirators successfully penetrated the networks of major banks - including Citibank and PNC - the Nasdaq stock market, and payment processors and corporate giants such as 7-eleven. Just three of the corporate victims reported more than $300 million in losses as a result of the spree.

The alleged ringleaders, Aleksandr Kalinin and Vladimir Drinkman were previously arraigned in New Jersey as 'Hacker 1' and 'Hacker 2' in a 2009 indictment charging Albert Gonzalez, 32, of Miami, in connection with five corporate data breaches - including the massive attack on Heartland Payment Systems. Gonzalez is currently serving 20 years in federal prison for those offenses.

US attorneys in New York have unsealed two additional indictments against Kalinin: one charges him in connection with hacking certain computer servers used by Naasdaq and another with an international scheme to steal bank account information by hacking US-based financial institutions.

According to court documents, Kalinin and Drinkman and three other defendants allegedly pilfered 160 million card numbers, and associated user names and passwords, which they then sold on through the criminal underworld, charging $10 for each stolen American credit card number and associated data, $15 for Canadian cardholders and $50 for European cards - offering discounted pricing to bulk and repeat customers.

Court documents allege that the initial entry was often gained using a SQL injection attack. Once the network was infiltrated, the defendants allegedly placed malicious code, or malware, on the system. The defendants allegedly had malware implanted in multiple companies' servers for more than a year.

If convicted, the maximum penalties for the charged counts are: five years in prison for conspiracy to gain unauthorized access to computers; 30 years in prison for conspiracy to commit wire fraud; five years in prison for unauthorized access to computers; and 30 years in prison for wire fraud.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Nasdaq bulletin boards breached by hackers

Nasdaq bulletin boards breached by hackers

18 July 2013  |  6016 views  |  0 comments | 3 tweets | 4 linkedin
Exchange data highlights systemic threat from cyber attacks

Exchange data highlights systemic threat from cyber attacks

16 July 2013  |  6304 views  |  0 comments | 2 tweets
UK banks spooked more by cybercrime than economic slump

UK banks spooked more by cybercrime than economic slump

12 June 2013  |  10568 views  |  0 comments | 8 tweets | 9 linkedin
Corporate data breaches increasingly correlated with consumer fraud reports

Corporate data breaches increasingly correlated with consumer fraud reports

07 June 2013  |  5321 views  |  0 comments | 5 tweets | 1 linkedin
Full extent of FIS data breach comes to light

Full extent of FIS data breach comes to light

04 June 2013  |  14499 views  |  0 comments | 10 tweets | 9 linkedin
Indian processors fingered over $45m ATM heists

Indian processors fingered over $45m ATM heists

13 May 2013  |  8709 views  |  1 comments | 7 tweets | 4 linkedin
US supermarket data breach exposes 2.4m cards

US supermarket data breach exposes 2.4m cards

16 April 2013  |  10050 views  |  3 comments | 13 tweets | 5 linkedin
Crooks steal $11m in ATM heists; 18 accused of £200m card fraud

Crooks steal $11m in ATM heists; 18 accused of £200m card fraud

06 February 2013  |  6997 views  |  0 comments | 7 tweets
South Carolina admits security failings in massive data breach case

South Carolina admits security failings in massive data breach case

22 November 2012  |  5241 views  |  0 comments | 7 tweets | 2 linkedin
Global Payments breach extends to merchant accounts

Global Payments breach extends to merchant accounts

13 June 2012  |  6341 views  |  0 comments
Global Payments hit by 'massive' breach

Global Payments hit by 'massive' breach

30 March 2012  |  12149 views  |  0 comments
Morgan Stanley warns customers of data breach

Morgan Stanley warns customers of data breach

06 July 2011  |  7242 views  |  3 comments
Citi hackers steal $2.7m

Citi hackers steal $2.7m

27 June 2011  |  12350 views  |  1 comments
Citi raises the numbers hit by data breach

Citi raises the numbers hit by data breach

16 June 2011  |  8798 views  |  0 comments
Hackers hit Citi card customers

Hackers hit Citi card customers

09 June 2011  |  8859 views  |  0 comments
Crisis at Sony deepens as second breach hits 25 million accounts

Crisis at Sony deepens as second breach hits 25 million accounts

03 May 2011  |  7123 views  |  0 comments

Related company news

 
visit www.niceactimize.comvisit www.dorsum.euvisit www.worldpaymentsreport.com

Top topics

Most viewed Most shared
Mobile contactless spending accelerating in UKMobile contactless spending accelerating i...
8677 views comments | 23 tweets | 23 linkedin
Norwegian banks and startups form fintech clusterNorwegian banks and startups form fintech...
7687 views comments | 19 tweets | 23 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
6930 views comments | 10 tweets | 7 linkedin
hands typing furiouslyWhy Blockchain Might Not Be The Future For...
6351 views 1 | 5 tweets | 3 linkedin
Apple sidelined as Beijing transit system launches payments appApple sidelined as Beijing transit system...
6201 views comments | 11 tweets | 9 linkedin

Featured job

Find your next job