[Dataloss] follow-up: TJX credit card heist suspect, 2 others, accused of new scam
security curmudgeon
jericho at attrition.org
Tue May 13 08:48:43 UTC 2008
---------- Forwarded message ----------
From: InfoSec News <alerts at infosecnews.org>
http://www.theregister.co.uk/2008/05/13/trio_accused_in_carding_scam/
By Dan Goodin in San Francisco
The Register
13th May 2008
Three men - one of them suspected of playing a role in the heist of 45.6
million credit cards from retailer TJX Companies - have been accused of
hacking into cash register terminals belonging to a restaurant chain and
installing software that sniffed credit card numbers.
According to a 27-count indictment unsealed Monday, the scheme was carried
out in part by Maksym Yastremskiy. In July, the Ukrainian was arrested in
a Turkish resort town for allegedly selling large quantities of credit
card numbers, many of which were siphoned out of TJX's rather porous
network. He remains incarcerated in Turkey, where an application for
extradition to the US is pending. Yastremskiy also went by the name
Maksik.
The indictment also names Aleksandr Suvorov, aka JonnyHell, of Estonia,
and a separate complaint names Albert Gonzales, who also went by the
moniker Segvec. Together, they are accused of installing packet sniffers
at 11 restaurants belonging to Dave & Buster's. The sniffers captured
track 2 credit card data as it passed from the restaurants' point-of-sale
terminals to servers at the chain's central headquarters.
Suvorov was arrested in March by German officials while visiting that
country, and an extradition request is also pending. Gonzalez was arrested
this month by Secret Service agents in Miami.
[..]
More information about the Dataloss
mailing list