follow-up: Suspect named in TJX credit card probe

[security curmudgeon <jericho () attrition org>]

http://www.boston.com/business/personalfinance/articles/2007/08/21/suspect_named_in_tjx_credit_card_probe/

Suspect named in TJX credit card probe
Ukrainian's arrest seen as break in record fraud case
By Ross Kerber, Globe Staff  |  August 21, 2007

Authorities have zeroed in on a Ukrainian man they suspect played a key 
role in the sale of many credit card numbers stolen from TJX Cos. in what 
is considered the biggest corporate data breach to date.

Officials hope the recent arrest of Maksym Yastremskiy will be a 
breakthrough in the investigation of who hacked into systems at TJX and 
other companies, said Greg Crabb, a program manager in the global 
investigations division of the US Postal Inspection Service. The service 
is among various law enforcement agencies trying to track down hackers who 
made off with more than 45 million credit and debit card numbers from TJX 
starting in 2005.

Crabb said Yastremskiy allegedly sold card numbers through online forums 
hosted overseas, sometimes in Cyrillic or that were password protected. He 
is likely the largest seller of stolen TJX numbers, Crabb said.

Prices ranged from $20 to $100 per stolen card, and the cards were sold in 
batches of up to 10,000, depending on factors like the credit limits of 
the consumer accounts being traded. Crabb said Yastremskiy is associated 
with at least one other Ukrainian man previously charged with similar 
crimes, though unrelated to the TJX case.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml