Security Experts:

Connect with us

Hi, what are you looking for?



2.1M Stolen Credit Card Numbers Found on Russian Hacker’s Laptop

Roman Valerevich Seleznev, a Russian national accused by United States authorities of operating several carding forums and hacking into point of sale (PoS) systems in an effort to steal payment card information, has been denied bail, the Department of Justice announced on Friday.

Roman Valerevich Seleznev, a Russian national accused by United States authorities of operating several carding forums and hacking into point of sale (PoS) systems in an effort to steal payment card information, has been denied bail, the Department of Justice announced on Friday.

The 30-year-old man’s attorneys requested that their client be placed on house arrest in an apartment in Seattle with electronic monitoring and no access to computers. They proposed a $1 million bond secured by $100,000 in cash. However, the judge rejected the proposal because the suspect has no ties to the Western District of Washington, he is a frequent international traveler, he has large amounts of money in bank accounts around the world, and he possesses the skills necessary to create false documents. 

At the hearing, prosecutors revealed that they had found 2.1 million stolen credit card numbers on the laptop Seleznev had on him when he was arrested in the Maldives in July. Furthermore, investigators found evidence that the Russian searched his name and online monikers in the electronic filing system for the U.S federal courts to see if they showed up in any cases.

“Today was another important step in ensuring the charges against this defendant are tried in this community,” stated U.S. Attorney Jenny A. Durkan. “The defendant is entitled to every protection offered by our system, but will be afforded no special privileges.  Our investigation into the scope of defendant’s actions is ongoing.”

Seleznev, known on the cybercrime scene as “Track 2,” was indicted in March 2011 by a federal grand jury in the Western District of Washington, but the indictment was unsealed only after his arrest. According to investigators, between October 2009 and February 2011, the suspect used malware to steal payment card information from PoS systems. He allegedly also created and operated the infrastructure needed to host forums specializing in the commercialization of stolen financial data.

He has been charged with 29 counts, including bank fraud, intentionally causing damage to a protected computer, obtaining information from a protected computer without authorization, possession with intent to defraud of 15 or more stolen credit card numbers,  trafficking in stolen credit card numbers and aggravated identity theft.

The suspect is also named along with 54 other individuals in a separate racketeering case in Nevada targeting the members of the notorious carding website The man is said to have operated one of the websites that sold stolen payment card information to members.


The case has been highly controversial because the suspect is the son of the prominent Russian lawmaker Valery Seleznev. Shortly after Seleznev’s arrest, Moscow accused Washington of abducting a Russian national, and pointed out that this is another case in which the U.S. ignored the bilateral 1999 treaty on mutual legal assistance.

Valery Seleznev told the press that his son requires regular medical treatment after suffering brain damage in a bomb attack in Morocco in 2011.


Meanwhile, authorities in the Maldives responded to accusations by Russia that they had allowed the Unites States to abduct the alleged hacker. They clarified that they acted on an Interpol arrest warrant.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.