Advertisement
Advertise with NZME.
Home / Technology

East European hackers plunder card numbers

2 mins to read

WASHINGTON - More than a million credit card numbers have been stolen from e-commerce websites in the past year, says the FBI. It blames organised hacker groups in Russia and the Ukraine.

Investigators at the National Infrastructure Protection Centre, the FBI's cyber crimes arm, have warned internet retailers and online banking firms to be more vigilant in protecting their data.

In the past year, they said, there had been an increase in thefts of credit card numbers and a similar increase in the fraudulent use of credit cards in Russia.

The FBI broke from its policy of not discussing pending investigations, believing it necessary to alert the public, even though the announcement could compromise its work.

Hundreds of companies had fallen victim, officials said, adding that there were more than 40 investigations under way in 20 states. The scheme was said to involve organised crime groups outside the US.

The hackers use well-known holes in their targets' websites and transaction software and companies are asked to patch holes more quickly. It is a nuisance for customers to change their credit cards after they have been used on compromised e-commerce sites, but companies are even more at risk, security experts say.

Individual liability is capped by law at $50 if fraudulent charges are made on a card, but a company loses consumer confidence and probably the business of the stolen card's holder.

National Infrastructure Protection Centre director Michael Vatis said in January that the FBI periodically saw organised criminal groups make extortion demands related to hacker attempts.

It is not known if any of the criminals are sponsored by a Government, although that possibility is part of the FBI's investigation.

In December 1999, a hacker claimed to have stolen the card numbers of 300,000 CD Universe customers. The hacker, using the name Maxim, said he was a 19-year-old from Russia. He released thousands of the numbers when the company refused to pay a $100,000 ransom.

Western Union shut its website for five days last September after hackers stole the card numbers of more than 15,000 customers.

Last December, another Russian hacker stole more than 55,000 cards from creditcards.com, which processes transactions for online merchants. About 25,000 card numbers were posted online when a $100,000 extortion demand was ignored.

Links


National Infrastructure Protection Centre

Advertisement
Advertise with NZME.
Advertisement
Advertise with NZME.
Save

Latest from Technology

Advertisement
Advertise with NZME.

Latest from Technology