At what we know of the current going rate for credit cards, that's $50 - $200 Million on the black market. Not counting the $60M that TJX paid to settle lawsuits on the matter.
So it's big news that a bunch of folks have been arrested for the crime.
What's interesting is the nationalities of the folks involved: US, Ukraine, China, Estonia. Eastern Europe and China are both major centers for black hat activity (as opposed to Black Hat activity, which is in Vegas this week).Eleven perpetrators allegedly involved in the hacking of nine major U.S. retailers and the theft and sale of more than 40 million credit and debit card numbers have been charged with engineering the largest hacking and identity theft conspiracy ever prosecuted by the Department of Justice.
The case links several high-profile data breaches of the last two years -- including TJX Companies, BJ's Wholesale Club, Barnes & Noble, and Dave & Buster's -- to a single group of conspirators.
Pretty lucrative operation, it seems:
The San Diego charges allege that Yastremskiy, Suvorov, Chiu, Wang, Delpiero, Pavolvich, Burak, and Storchak operated an international stolen credit and debit card distribution ring, with operations from Ukraine, Belarus, Estonia, the People’s Republic of China, the Philippines and Thailand. The indictments allege that each of the defendants sold stolen credit and debit card information for personal gain. The indictment alleges that Yastremskiy received proceeds exceeding $11 million.
Careful reading of the indictments of the TJX data thieves show that the media, card issuers and Federal Trade Commission over-reacted to the TJX incident. The TJX break-in was not as bad as we were led to believe. --Ben http://legal-beagle.typepad.com/wrights_legal_beagle/2008/08/credit-card-iss.html
ReplyDelete