an identity thief
Identity fraud costs the US $1.8bn (£920m) a year

Eleven charged with huge identity theft

Suspects allegedly hacked unprotected wireless connections to obtain card numbers

Written by Tom Young

Computing, 06 Aug 2008

Eleven people in the US have been charged in one of the largest identity theft cases of all time.

The suspects allegedly hacked unprotected wireless connections to obtain card numbers, account information and password details.

Three people from the US, three from the Ukraine, two from China, one from Estonia and one from Belarus were charged. An 11th defendant was not identified.

They then stored the information on servers in Europe and the US, and used it to buy goods from a number of different retailers.

Those affected were TJX Corporation, BJ's Wholesale Club, Barnes and Noble, Sports Authority, Boston Market, Office Max, Dave and Busters, DSW shoe stores and Forever 21.

TJX, which owns the Marshall's and TJ Maxx chains in the US, was the hardest hit, as data from 45.7 million credit cards was stolen from its system.

The Federal Trade Commission estimates identity fraud costs the $1.8bn (£920m) a year.

Bruce Schneier, BT’s chief security technology officer, was warning about the threats of ID fraud back in 2005. He said: "The real crime here is fraud; more specifically, impersonation leading to fraud. Impersonation is an ancient crime, but the rise of information-based credentials gives it a modern spin. As more information about us is collected, correlated, and sold, it becomes easier for criminals to get their hands on the data they need to commit fraud. It doesn't take much personal information to apply for a credit card in someone else's name. It doesn't take much to submit fraudulent bank transactions in someone else's name.

And in some countries it’s surprisingly easy to get an identification card in someone else's name. Our current culture, where identity is verified simply and sloppily, makes it easier for a criminal to impersonate his victim. We need to make the entity that is in the best position to mitigate the risk to be responsible for that risk.

"That means making the financial institutions and companies who hold the data liable for fraudulent transactions – this will result in a lot more prosecutions and a much safer environment. These prosecutions in the US are just the tip of the iceberg and more needs to be done."

reader comments

related articles

ING House in AmsterdamSecurity

ING Direct rolls out client-based fraud prevention system

Software "assumes" end user machine is infected with malware 22 May 2008

 
Communications

Security weaknesses prompt EU cyber crime directive debate

European Commission increasingly worried about the level of cyber crime in the EU 01 May 2008

Stolen bank details sold online for £5

Credit cards and personal information make up top three ID theft illegal sales 08 Apr 2008

Government

Hacking ring nabbed by US authorities

11 charged with biggest ID theft in history 06 Aug 2008

Security

TJX hacker pleads guilty as charged

First result in one of the biggest ever hacking attacks 13 Sep 2008

US cracks 'largest ever' ID theft ring

Gang allegedly stole millions of dollars using 40 million stolen credit and debit card numbers 06 Aug 2008

related whitepapers

today's top stories

Management

Solid as a rock

From power cuts in Nigeria to severe server congestion in Lancashire, Lisa Kelly reports on the potential hazards facing three very different organisations and the steps they have taken to ensure their operations are robust enough to withstand them 02 Dec 2008

Security

Technology and privacy

Watch the final video in a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 02 Dec 2008

Management

IT staff desperate to keep their jobs

Most would work longer hours for less pay 02 Dec 2008

Software

VMware View 3 enhances virtual desktops

Virtual clients now take up less storage space and can be 'checked out' to a laptop 02 Dec 2008

Security

Technology and privacy

Watch part one of a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 01 Dec 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will the terrorist attacks in Mumbai affect your offshoring plans?

Will the terrorist attacks in Mumbai affect your offshoring plans?

Is India becoming a risky destination?

Previous poll results

> More polls

Latest audio and video articles

Padlocked CDVideo

Technology and privacy

Watch the final video in a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 02 Dec 2008

Podcast imageAudio

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

> More audio and video

Latest in-depth articles

Parcel being packedFeatures

Case study: eSpares and business continuity

Online electricals business has managed to decrease its downtime 02 Dec 2008

Royal Blackburn HospitalFeatures

NHS trust recovers from server overdose

Virtualisation technology breathed new life into East Lancashire's cost-intensive system 02 Dec 2008

> More in depth articles

Advertisement

Primary Navigation