It is believed to be the largest hacking and identity theft case ever prosecuted by the Department of Justice. The charges include conspiracy, computer intrusion, fraud and identity theft.
The indictment returned Tuesday by a federal grand jury in Boston alleges that the people charged hacked into the wireless computer networks of retailers including TJX Cos., BJ's Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21 and DSW.
The indictment alleges that the hackers installed programs to capture card numbers, passwords and account information, and then concealed the data in computer servers that they controlled in the U.S. and Eastern Europe.
Mukasey said the total dollar amount of the alleged theft is "impossible to quantify at this point." Sullivan said officials still haven't identified all the victims who had a credit or debit card number stolen.
"I suspect that a lot of people are unaware that their identifying information has been compromised," he said.
Sullivan
said the alleged thieves weren't computer geniuses, just opportunists
who used a technique called "wardriving," which involved cruising
through different areas with a laptop computer and looking for
accessible wireless Internet signals.
Once they located a vulnerable network, they installed so-called "sniffer programs" that captured credit and debit card numbers as they moved through a retailer's processing networks.
The information was stored on two servers in
Ukraine and Latvia -- one with more than 25 million credit and debit
card numbers and another with more than 16 million numbers, Sullivan
said. See full AP Story
*****************************************************
If you think your information may have been compromised, see What Should I do?
Protect you wireless access points!
Here are some tips from the FBI and the Florida Department of Law Enforcement on how to keep your personal computer data safe:
• Make sure your laptop security is up to date. That includes firewall, antivirus and anti-spyware software. Spyware is a kind of program that can collect information from your computer without your knowledge. It's sometimes used by companies that want to collect marketing information about people who log on to their Web site, but spyware has also been used by hackers who want to mine information from someone's computer.
• When using a Wi-Fi service, avoid logging in to financial accounts of any kind because hackers might be able to monitor your computer from another location to see what you are typing and steal your log-in information. For the same reason, you also want to avoid logging into e-mail accounts and instant messaging services.
• When logging on to a site, glance at the address bar to check that you're at an authentic Web page. Hackers set up fake Web pages that look like the real thing to trick people into typing in their log-in information.
If the Web address that appears is different from what you originally typed, don't enter your personal information. Close your browser and leave the Wi-Fi network.
• Don't use the same password for all your online accounts. That way if hackers steal a password, they won't be able to use it at more than one Web site.
• Make sure your computer does not automatically log on to wireless networks. You can do this by adjusting the Internet security settings on your computer. As an added precaution, turn the computer off when you're not around to ensure that it's not picking up a wireless network signal.
See earlier entry by: Tech Security Expert, Albert Whale: Protect your computer before it's too late!
Leave a comment