The ease of identity theft, and how vulnerable are even the most seemingly secure databases - is clearly shown by results of a multi-year international investigation conducted by the FBI, the U.S. Secret Service and Interpol. Four Russian nationals and a Ukrainian have been charged with running the largest internet hacking scheme ever uncovered; one that compromised 160 million credit and debit cards plus numerous financial accounts. The gang of five made off with hundreds of millions of dollars from 2005 to 2012.
U.S. Attorney Paul Fishman, announced the indictments in Newark, New Jersey. Charged were Vladimir Drinkman, 32, of Syktyvkar, Russia, and Moscow; Aleksander Kalinin, 26, of St. Petersburg, Russia; Roman Kotov, 32, of Moscow; Dmitriy Smilianets, 29, of Moscow; and Mikhail Rytikov, 26, of Odessa, Ukraine.
The five, according to the indictment are charged with targeting retailers and other corporations engaged in financial transactions, or in transmitting financial data. In a classic identity theft operation, they stole user names and passwords, means of identification, credit and debit card numbers and other corresponding personal identification. The group hacked into computer networks of more than a dozen major companies, including J.C. Penney, Wet Seal, 7-Eleven, Nasdaq, JetBlue and Dow Jones.
U.S. Attorney Fishman said that Drinkman and Kalinin gained access to the companies’ computer systems, and then Kotov mined the compromised networks for valuable data. The ring used web-hosting services owned by Rytikov to hide their identities and finally Smilianets was responsible for selling the stolen data and divvying up the proceeds among the five men.
“Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy, and our national security,” said Fishman.
According to the indictment, U.S. credit card numbers sold for about $10 each; Canadian numbers were $15 and better-encrypted European ones $50.
There are any number of lessons that can be learned from this case, most of them should resonate with you and me. The most obvious is that no database is completely safe from hackers. Our personal information is out there in the files of the retailers we shop with, companies we do financial business with, doctors, hospitals and other health care providers and countless others. No matter the reassurances from the holders of our personal data a skillful enough hacker, who is determined enough, can compromise our information.
We owe it to ourselves to be vigilant. We need to monitor credit scores from the three reporting agencies and if there is a change in our scores, we need to find out why quickly. We can monitor credit scores ourselves or we can join a service such as we offer here at Identity Guard that will do it for us. The New Jersey indictments show that just about no one is immune from identity theft.