Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

U.S. Charges 22 in Stolen Payment Cards Crackdown

The U.S. Justice Department this week announced indictments against 22 individuals who allegedly purchased and used payment cards stolen from a national retail chain.

The U.S. Justice Department this week announced indictments against 22 individuals who allegedly purchased and used payment cards stolen from a national retail chain.

Using point-of-sale malware installed at multiple retail locations of the target company, threat actors stole information of over three million payment cards, including credit, debit, and gift cards used at over 400 of the company’s retail stores.

According to the indictment, the co-conspirators then sold the hijacked data for $4 million in Bitcoin to an individual who sold it to thousands of other people, including the 22 now facing charges by the U.S. Department of Justice.

Twenty of the defendants have been arrested while the other two remain are large, likely abroad, the authorities said.

The 22 individuals are charged with using the payment card information to make various purchases, including at gas stations, hotels, and restaurants.

The indictment alleges that one of the defendants purchased more than 13,000 payment cards stolen from the retail chain, while another purchased more than 6,000 such cards. Others purchased between 2,000 and 4,000 payment cards. 

According to the Justice Department, each defendant faces up to 20 years in federal prison for charges of wire fraud and a two-year mandatory, consecutive prison sentence for aggravated identity theft.

Related: US Charges Swiss ‘Hacktivist’ for Data Theft and Leaks

Advertisement. Scroll to continue reading.

Related: U.S. Charges North Korean Hackers Over $1.3B Bank Heists

Related: US Indicts Head of Alleged Crime Chat Comms Service

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...