BreachExchange mailing list archives
follow-up (TJX): Ukrainian jet setter in world's largest cyber heist?
From: security curmudgeon <jericho () attrition org>
Date: Thu, 23 Aug 2007 15:46:00 +0000 (UTC)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> http://www.theregister.co.uk/2007/08/22/possible_break_in_tjx_investigation/ By Dan Goodin in San Francisco 22nd August 2007 US authorities have taken a keen interest in a recently-arrested Ukrainian man after discovering he had ties to the criminal hackers behind the colossal data breach at US retail giant TJX. Responsible for more than 45.6m stolen accounts, the infiltration has understandably landed on the top of investigators' to-do list. Their new-found interest is in Maksym Yastremskiy, who was arrested several weeks ago for selling stolen credit card numbers in online forums. It turns out a "significant number" of them belonged to customers whose credentials were siphoned out of TJX's rather porous network. "It's a significant point in the investigation," said Doug Bem, a public information officer for the US Postal Inspection Service, one of a handful of federal agencies probing the TJX breach. "We don't have any information that suggests this person was the one who committed the attack on TJX, but at some point he did come into possession of the (stolen TJX) card accounts." Bem wouldn't say how many of the stolen credit card numbers in Yastremskiy's possession belonged to TJX customers, but he said there were "a significant number of accounts that could be traced back to the TJX database." [..] _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- follow-up (TJX): Ukrainian jet setter in world's largest cyber heist? security curmudgeon (Aug 23)