Russians, Ukrainian charged in largest US hacking and data breach scheme


July 26, 2013

NEWARK (New Jersey): Four Russian nationals and a Ukrainian have been charged in what's being called the largest hacking and data breach scheme ever prosecuted in the United States.

July 26, 2013

NEWARK (New Jersey): Four Russian nationals and a Ukrainian have been charged in what's being called the largest hacking and data breach scheme ever prosecuted in the United States.

They're accused of running a hacking organization that penetrated computer networks of more than a dozen major US and international corporations over seven years, stealing and selling at least 160 million credit and debit card numbers, resulting in losses of hundreds of millions of dollars.

Indictments were announced Thursday. US attorney Paul Fishman called the case the largest hacking and data breach scheme ever prosecuted in the country.

Heartland Payment Systems Inc, which processes credit and debit cards for businesses, was identified as taking the biggest hit in a scheme starting in 2007 — the theft of more than 130 million card numbers at a loss of about $200 million.

Global Payment Systems, another major payment processing company, had nearly 1 million card numbers stolen, with losses of nearly $93 million, prosecutors said.

The indictment did not put a loss figure on the thefts at some other major corporations, including Commidea Ltd., a European provider of electronic payment processing for retailers. The government said hackers in 2008 covertly removed about 30 million card numbers from its computer network.

About 800,000 card numbers were stolen in an attack on the Visa network, but the indictment did not cite any loss figure.

Not all the companies the hackers infected over the years with malicious computer software suffered financial losses. Customer log-in credentials were stolen from Nasdaq and Dow Jones Inc., the indictment said, though prosecutors said Nasdaq's trading platform was not affected.

The defendants were identified as Vladimir Drinkman, 32, of Russia; Aleksander Kalinin, 26, of Russia; Roman Kotov, 32, of Russia; Dmitriy Smilianets, 29, of Russia; and Mikhail Rytikov, 26, of the Ukraine.

Smilianets was in US custody and was expected to appear in federal court next week. His lawyer, Bruce Provda, said Smilianets was in the US "sightseeing" when he was arrested. "It's a rather complex international charge of hacking," Provda said. "If it goes to trial, it's going to be a lengthy trial."

Drinkman was being held in the Netherlands pending extradition, prosecutors said. His lawyer there, Bart Stapert, did not immediately return a message. The other three defendants remained at large.

The prosecution builds on the 2009 case that resulted in a 20-year prison sentence for Albert Gonzalez of Miami, who was identified in the new complaint as an unindicted co-conspirator.

Prosecutors identified Kalinin and Drinkman as sophisticated hackers who specialized in penetrating the computer networks of multinational corporations, financial institutions and payment processors.

Kotov's specialty was harvesting data from the networks after they had been penetrated, and Rytikov provided anonymous web-hosting services that were used to hack into computer networks and covertly remove data, the indictment said.

Smilianets was the information salesman, the government said.

All five are charged with taking part in a computer hacking conspiracy and conspiracy to commit wire fraud. The four Russian nationals are also charged with multiple counts of unauthorized computer access and wire fraud.

The individuals who purchased the credit and debit card numbers and associated data from the hacking organization resold them through online forums or directly to others known as "cashers," the indictment said. According to the indictment, US credit card numbers sold for about $10 each; Canadian numbers were $15 and better-encrypted European ones $50.

The data was stored on computer servers all over the world, including in Latvia, the Netherlands, Bahamas, Ukraine, Panama and Germany.

The cashers would encode the information onto the magnetic strips of blank plastic cards and cash out the value, by either withdrawing money from ATMs in the case of debit cards, or running up charges and purchasing goods in the case of credit cards.

Kalinin was also charged, along with another Russian man, in a separate indictment unsealed Thursday. The men are accused of hacking into computer systems at Citibank and PNC Bank and giving co-conspirators information who encrypted blank ATM cards that were used to withdraw $4.2 million from customer accounts in 2006 and 2007.

Kalinin is also accused in that indictment of installing malicious software on Nasdaq computers. Prosecutors say the breach did not affect securities trading.

Courtesy: AP