On Thursday 25 July, US Attourney Paul Fishman announced the indictment of four Russian nationals and one Ukrainian national in “the largest hacking and data breach scheme ever prosecuted in the United States.”
The 5 hackers used anonymous web hosting and a hacking method known as SQL injection to gain access to the databases of some of the largest retailers and credit card processing firms in the USA. It is expected that around 160 million credit card details were stolen, the companies involved have reported associated cost over $300 million.
The group sought to sell the credit card details on underground forums with prices ranging between $5 – $50, depending on the nation of origin and the level of encryption which was associated with the card.
“The defendants are charged with attacks on NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. It is not alleged that the NASDAQ hack affected its trading platform.“ the indictment states.
The full details can be found here.