US man stole 130m credit card numbers

18/08/2009

US prosecutors have charged a man with stealing data relating to 130 million credit and debit cards. Officials say it is the biggest case of identity theft in American history.

They say Albert Gonzales, 28, and two unnamed Russian co-conspirators hacked into the payment systems of retailers, including the 7-Eleven chain.

Prosecutors say they aimed to sell the data on. If convicted, Mr Gonzales faces up to 20 years in jail for wire fraud and five years for conspiracy. He would also have to pay a fine of $250,000 (£150,000) for each of the two charges.

Gonzales used a complicated technique known as an “SQL injection attack” to penetrate networks’ firewalls and steal information, the US Department of Justice said.

According to the indictment, the group researched the credit and debit card systems used by their victims, attacked their networks and sent the data to computer servers they operated in California, Illinois, Latvia, the Netherlands and Ukraine. The data could then be sold on, enabling others to make fraudulent purchases, it said.

Read the full story on the BBC News website.


Missile data found on hard drives

07/05/2009

Sensitive information for shooting down intercontinental missiles as well as bank details and NHS records was found on old computers, researchers say.

Of 300 hard disks bought randomly at computer fairs and an online auction site, 34% still held personal data. Researchers from BT and the University of Glamorgan bought disks from the UK, America, Germany, France and Australia.

The information was enough to expose individuals and firms to fraud and identity theft, said the researchers. Professor Andrew Blyth said: “It’s not rocket science – we used standard tools to analyse the data”.

The research involving the Welsh campus was led by BT’s Security Research Centre and included researchers at Edith Cowan University in Australia and Longwood University in the US.

In addition to finding bank account details and medical records, the work unearthed job descriptions and personal identity numbers as well as data about a proposed $50bn currency exchange through Spain.

Read the full story on the BBC News website.