BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

follow-up: TJX credit card heist suspect, 2 others, accused of new scam

From: security curmudgeon <jericho () attrition org>
Date: Tue, 13 May 2008 08:48:43 +0000 (UTC)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.theregister.co.uk/2008/05/13/trio_accused_in_carding_scam/

By Dan Goodin in San Francisco
The Register
13th May 2008

Three men - one of them suspected of playing a role in the heist of 45.6 
million credit cards from retailer TJX Companies - have been accused of 
hacking into cash register terminals belonging to a restaurant chain and 
installing software that sniffed credit card numbers.

According to a 27-count indictment unsealed Monday, the scheme was carried 
out in part by Maksym Yastremskiy. In July, the Ukrainian was arrested in 
a Turkish resort town for allegedly selling large quantities of credit 
card numbers, many of which were siphoned out of TJX's rather porous 
network. He remains incarcerated in Turkey, where an application for 
extradition to the US is pending. Yastremskiy also went by the name 
Maksik.

The indictment also names Aleksandr Suvorov, aka JonnyHell, of Estonia, 
and a separate complaint names Albert Gonzales, who also went by the 
moniker Segvec. Together, they are accused of installing packet sniffers 
at 11 restaurants belonging to Dave & Buster's. The sniffers captured 
track 2 credit card data as it passed from the restaurants' point-of-sale 
terminals to servers at the chain's central headquarters.

Suvorov was arrested in March by German officials while visiting that 
country, and an extradition request is also pending. Gonzalez was arrested 
this month by Secret Service agents in Miami.

[..]
_______________________________________________
Dataloss Mailing List (dataloss () attrition org)
http://attrition.org/dataloss

Tenable Network Security offers data leakage and compliance monitoring
solutions for large and small networks. Scan your network and monitor your
traffic to find the data needing protection before it leaks out!
http://www.tenablesecurity.com/products/compliance.shtml
Previous By Date Next
Previous By Thread Next

Current thread: