Through hacks of hundreds of thousands of websites, a Russian crime ring has reportedly gained access to 1.2 billion user name and password combinations, along with hundreds of millions of e-mail addresses. [More]
It’s hard to feel bad for the banking business, but financial institutions can take a huge hit when consumers are the victims of large-scale fraud or ID theft. Replacing debit and credit cards, issuing refunds, investigating sketchy transactions can all add up — and of course that cost ultimately gets passed on to customers. This is why federal regulators are putting banks on alert to be mindful of increasingly popular ATM fraud and to be prepared for attacks on their websites. [More]
When nefarious types are in need of remote PCs to do their dirty work, they can turn to underground, invitation-only services that rent out computers owned by marks who aren’t aware their hardware is being prostituted. [More]
Fortune has a great profile on the “Ocean’s 11″ of HELOC fraud. Armed with just laptops and cellphones set to the right area code, he and his crew would drain home-equity lines of credit from unsuspecting homeowners accounts, piecing together enough of a profile on them from publicly available information to break through their account security. At his peak, he was pulling down millions a week, operating out of fancy hotel suites and drinking heavily from an endless stream of high-end liquor, jewelry, and prostitutes. And despite the FBI’s best dragnet efforts, he still remains at large today. [More]
There’s many ways your credit card can be stolen and exploited, but this is one of the more sophisticated: In this WIRED video, Detective Bob Watts of Newport Beach Police Department shows how crooks take your credit card numbers they steal off the internet and turn a blank plastic card into something they could swipe through a Best Buy scanner or plunk down at a fancy restaurant, complete with holograms and embossing. Using these techniques, one criminal ring racked up over a $1 million in fraud before they got busted. [More]
Albert Gonzalez, the mastermind behind most of the multi-million dollar credit card breaches in the past few years, is being sentenced this week. (Feds are asking for 25 years.) Now his former accomplice, Stephen Watt, has told Wired that while Gonzalez was busy stealing and selling credit card data he was also being paid under the table by the U.S. Secret Service to inform on others, earning as much as $75,000 in cash annually. [More]
The Washington Post says that a hacker encrypted 8 million patient prescription records from a Virginia state website last week, deleted the backups, and replaced the home page with a ransom note. If the state doesn’t pay $10 million within 7 days, the hacker has threatened to sell the data to the highest bidder.
Don’t be too surprised if you get a letter from your bank or credit union in the next few weeks telling you it’s replacing your credit card. If your data was among the latest set compromised, Visa and Mastercard are already alerting financial institutions so they can cancel the account number.
As part of their inquiry, FTC staff made undercover purchases from the sites. No one asked the clandestine buyers to provide verification of a prescription and the shipped drugs did not include doctors’ instructions or dosage information, officials said.
We write a lot about data loss at American companies and financial institutions. Some of you might wonder why we spend so much time on Verizon losing the occasional CD, or the occasional Citibank security breach. Maybe you’re wealthy, with a million dollars in credit and a shimmering Porsche. Maybe you’ve got 75 bucks in your checking account and need to eat beans and rice until your next paycheck. Either way, cyber-crime tends to seem faceless, not really a threat to you personally.