NEWARK -- Four Russian nationals and a Ukrainian have been charged with running a sophisticated hacking organization that infiltrated computer networks of more than a dozen major American and international corporations over seven years, stealing and selling at least 160 million credit and debit card numbers, resulting in losses of hundreds of millions of dollars.
Indictments were announced yesterday in Newark, where U.S. Attorney Paul Fishman called it the largest hacking and data breach scheme ever prosecuted in the United States.
Princeton-based Heartland Payment Systems Inc., which processes credit and debit cards for small to midsized businesses, was identified as taking the biggest hit in a scheme starting in 2007 -- the theft of more than 130 million card numbers at a loss of about $200 million.
Atlanta-based Global Payment Systems, another major payment processing company, had nearly 1 million card numbers stolen, with losses of nearly $93 million, prosecutors said.
The indictment did not put a loss figure on thefts at some other major firms, including Commidea Ltd., a European card payment processor. The government said hackers in 2008 removed 30 million card numbers from its computer network.
About 800,000 card numbers were stolen in an attack on the Visa network, but the indictment did not cite any loss figure.
Customer login credentials were stolen from Nasdaq and Dow Jones Inc., the indictment said, though prosecutors said Nasdaq's securities trading platform was not affected.
The defendants were identified as Vladimir Drinkman, 32, of Syktyvkar, Russia, and Moscow; Aleksander Kalinin, 26, of St. Petersburg, Russia; Roman Kotov, 32, of Moscow; Dmitriy Smilianets, 29, of Moscow; and Mikhail Rytikov, 26, of Odessa, Ukraine. -- AP