The Story Behind The Hackers Behind The Largest Credit Card Number Heist
from the soon-to-be-a-movie? dept
A few years ago, the story broke about how TJX, the corporate parent of a series of retail stores, including TJ Maxx and Marshalls, had suffered a huge data breach, after some hackers had accessed its computer network via an insecure wireless connection at one of the stores. A year and a half later, we wrote about the arrests of some of those involved. The following year, we wrote about another hack, at Heartland Payment Systems, that had the potential to surpass the TJX hack as “the largest ever” in terms of the number of records accessed. It later came to light that both hacks were actually done by the same guys, supposedly led by Albert Gonzalez, a hacker who was actually on the government payroll at the time (after turning informant upon being caught a few years earlier standing in front of an ATM with a handful of fake ATM cards).
Back in March, Gonzalez received a twenty year sentence for the crime — the longest sentence for “hacking”-related crime in the US. Others involved in the deal have been sentenced to shorter terms recently as well. Now, Danielle Alvarez, from the Miami New Times, points us to an article written by the paper that details the story behind the hacking, and the folks involved — including the news (which I hadn’t seen elsewhere in following this story — Update: a few people have pointed to this story that Wired had last year, which I had not seen before) that one suspect end up killing himself after hearing of Gonzalez’s arrest. It’s a long story, but reads like something that will get turned into a movie at some point. Of course, the study plays down the security flaws at the companies, like TJX, which sent unencrypted credit card data over its network (a point Gonzalez’s legal team tried to make in properly calculating how much “damage” he did). Still, it’s a fascinating story about a group of young hackers, who wanted to “get rich or die trying,” and how at least one of them succeeded at the latter.
Filed Under: credit cards, hacking
Companies: heartland payment systems, tjx
Comments on “The Story Behind The Hackers Behind The Largest Credit Card Number Heist”
Deal!
“It’s a long story, but reads like something that will get turned into a movie at some point.”
As long as we get another topless Angelina Jolie for this Hackers 2 movie, they should make it. Zero Cool rides again!
Re: Deal!
Jolie is looking pretty weathered these days. Hackers2 would need a fresh new starlet.
Re: Re: Deal!
Megan Fox?
Re: Re: Re: Deal!
Nah not Megan Fox the other hot chick from Transformers the one with the British accent.
Re: Deal!
i have bunch of those datas. including track 1 and track 2 datas. i even hacked university grades. email at
hacker4hire@hackermail.com
Hackerz
Hmmm. Sounds like a good movie if Hollywood doesn’t fuk it up! TJX got what they deserved. Security is for real. And some folks just want to screw you to screw you.
Re: Hackerz - TJX got what they deserve
Fucking asshole. The company is not the one that got screwed, the customers are.
But your to mother fucking stupid to realize that. Or just don’t give a flying fuck.
Asshole, your what drive by shootings are good for. The removal of scum.
Re: Re: Hackerz - TJX got what they deserve
Apparently, you’re what Prozac and grammar courses are designed for…
Re: Re: Hackerz - TJX got what they deserve
deep breathes, in… out… ok… chill out. Put the gun down. down! put it down!
They could get Lindsey Lohan to play a part. She already had an arrest warrant out for her.
The floppy disk hand-off scene with Zerocool and ThePlague is freakin hilarious….Plagues limo is pulling him on a skateboard….too ridiculous.
Data was encrypted
Everything I’ve read about this (except this article which doesn’t get into details) stated that the data was encrypted but using the old WEP encryption. By 2007 this was easily crackable using off the shelf tools.
From the article:
When Jonathan was 6, he began spending whole days on his dad’s PC. By middle school, he had switched the family PC from Windows to Linux so he could have more control over the code.
Jonathan’s parents were thrilled at his gifts but also wary of his disobedience. Once, when the boy was 13, his mother took away a computer after catching him online in the middle of the night. “He ran away from home and called to say that he wouldn’t come back until he got his computer back,” Bobby remembers. “We asked the police to trace the call, and he was at this Borders bookstore that was, like, four blocks away.”
This is the place where society went off the rails and the train eventually crashed. Fathers used to wear belts and they weren’t afraid to use them. Now, if you hit your kid, you’re a child abuser and our kids know it.
Re: Re:
“This is the place where society went off the rails and the train eventually crashed. Fathers used to wear belts and they weren’t afraid to use them. Now, if you hit your kid, you’re a child abuser and our kids know it.”
Oh, that’s just GENIUS. Because I’m sure the prison systems of our country are absolutely rife with men and women that WEREN’T smacked around as kids….
Idiot.
..and Ggogle gets nothign for the same...
So he gets 20 years for capturing freely accessible data from their wi-fi, but Google says “I’m sorry – we captured freely accessible data from thousands of wi-fi systems – and tehy get nothing but some bad net-publicity.
Murderers, drug dealers and rapists get less time than this guy; somethings terribly wrong here.
Re: ..and Ggogle gets nothign for the same...
So he gets 20 years for capturing freely accessible data from their wi-fi, but Google says “I’m sorry – we captured freely accessible data from thousands of wi-fi systems – and tehy get nothing but some bad net-publicity.
Um, *totally* different situations. One, as noted elsewhere in the comments, the data wasn’t on open WiFi, just on a super weak WEP system. Two, the hackers, once they got into the local network, hacked their way up to the overall corporate system. Three, Google wasn’t scarfing down all of the data, just brief snippets as they drove by. Four, Google wasn’t getting credit card info. Five, and most importantly, Google wasn’t them selling them to organized criminals in Eastern Europe for millions in cash…
"a hacker who was actually on the government payroll"
“one suspect ended up killing himself” — People anywhere near a gov’t op that gets exposed are *highly* likely to “suicide”.
Wired covered Jonathan James’ suiced in July of 2009:
http://www.wired.com/threatlevel/2009/07/hacker/
Looks like the Miami New Times actually did a lot of legwork and got some new details for their story, however. Good for them.
sad story, especially Jonathan James’ suicide. Albert deserves to serve a long time. even his plea comes across as arrogantly-contrite. amazing he had millions in cash in plastic tubs burried in his backyard.
well, if you’re going to lead a life of crime ya might as well go for the gusto……
Have to add...
You have to add the fact that the head security guy the company brought in to fix the problems quit because they would not let him do the right things or listen to his sound security advice which leaves them still vulnerable.
Gay story
It’s all true
hacker for hire
hacker for hire
hacker4hire@hackermail.com
Special Service Form Installsmarket, Loadssell, Carders, Wizard.(Offering The Best Skim Dumps,Track1/2 Bank Login And Cc Only.)
Special Service Form Installsmarket, Loadssell, Carders, Wizard.(Offering The Best Skim Dumps,Track1/2 Bank Login And Cc Only.)
Sell CVV2 Fresh:
US CVV $2 Visa,US CVV $3 Master,US CVV $5 Amex,US CVV $6 Discover
Uk CVV $6 Amex/Disc,Uk CVV $4 Master/Visa
EU CVV $8 Disc/Amex,EU CVV $6 Master/Visa
CA CVV $3 Master/Visa ,CA CVV $6 Disc/Amex
CVV From All Country In World Is Available.
and You Can ask For Special Bin.
We Search In Our Big Db.
CVV Selling Option :
We Checked Cvv B4 Sell You.
We Replace Dead Cvv In 48 Hurs.
CVV Selling Option :
We Checked Cvv B4 Sell You.
We Replace Dead Cvv In 48 Hurs.Fulls come with this info
Firstname, Lastname, Address, City, State, Zipcode, Phone, SSN, Mother’sMaidenName, DOB,
Driver’s License # and state, Email pass , Verifiedbyvisa pass, Cardnumber, Expiry Date, CVV2,
Employment, Position Held
Bank pass, number, name, account number and Routing Number and other infoz.
Dumps Pricse List:
Usa:
Visa Classic, MasterCard Standard – 15$
Visa Gold | Platinum | Business, MasterCard Gold | Platinum – 30$
Canada:
Visa Classic, MasterCard Standard – 30$
Visa Gold | Platinum | Business, MasterCard Gold | Platinum – 40$
EU, UK:
Classic/Standard =55$
Gold/Platinum =75$
Business/Signature/Purchase/Corporate/World =100$
Other countries:
MasterCard| Visa Classic – 40$
Visa Gold|Platinum|Corporate|Signature|Business – 55$
Sample Of Dumps:
Track1 : B4096663104697113^FORANTO/CHRI STOPHER M^09061012735200521000000 ,
Track2 : 4096663104697113=0906101273525 21
372376064851003=0904051136147; PURCELL/JOHN
5232258252218386=0904101000007 2500604
4217642188250286=1011101803115 5200000;B42176421882 50286^POPOVICH/SHERRY ^10111018031155200000
5472742570155205=11041010000070000000
B5588320028938646^STOUGH/WILLIAM M ^110110101501029000000000000000000*5588320028938646=1101101015010290**
B5528300065123784^HOLLAND/JEREMIAH V ^120110100000001601000000286000000*5528300065123784=1201101016010286**
B5588320041716144^HODGES/THOMAS L ^100710101501830000000000000000000*5588320041716144=1007101015018300**
B5588450919403291^WARD/JENNIFER ^1202101000000000289000000*5588450919403291=12021010000028900**
Bins List:
;Corporate And Debit For Italy: Banca di Sassari
400325 – 1 (Other: 1 ),402041 – 2 (201: 2 ),402186 – 1 (201: 1 ),402360 – 12 (Other: 12 ),
Debit;visa;Classic For Uk:HSBC Bank PLC
465976 – 1 (201: 1 ),465950 – 3 (201: 3),465944 – 2 (201: 2 ,465943 – 2 (Other: 2 )465941 – 1 (201: 1 )
Credit,Visa,Classic For France:Caisse National
497671 – 1 (201: 1 ),497601 – 1 (201: 1 ),497546 – 1 (201: 1
),497539 – 1 (201: 1 )
DEBIT;mc;STANDART For Spain:MASTERCAJAS S.A.
554013 – 1 (101: 1 ),554001 – 1 (201: 1 ),554001 – 1 (201: 1 )553435
– 1 (201: 1 )
Gold,Platinum,Business,Small Corporate For Us:unknown;amex
371756 – 1 (Other: 1 ),371745 – 2 (Other: 2 ,371726 – 1 (Other: 1 ,371707 – 1 (Other: 1 ,372050 – 1 (Other: 1 ,
DEBIT;mc;WORLD;;; For Us: – CHASE BANK USA, N.A.;
546615 – 1 (101: 1 ),546615 – 1 (101: 1 ),546604 – 2 (101: 2 ),
Bank Login :
Bank Login From Usa And Eu And Uk And Asia Is Avaiable.
Available Bank Login With They Are Screen Shot A Side :
Abbey (Screen Shot Link):
HSBC(Screen Shot Link):
Chase(screen Shot Link):
HDFC Bank(Screen Shot Link):
BOA(Screen Shot Link:
Bank Of America(Screen Shot Link):- http://i37.tinypic.com/14j3lmx.png – Online
And We Have Good Service For Bank Transfering For You .
And Our Service Is Very Fast And Safe And immediate .
BankLogins Prices:
BALANCE IN CHASE ……….70K TO 155K ========160$
BALANCE IN BOA……….75K TO 450K==========300$
BALANCE IN COMPASS……….ANY AMOUNT=========300$
BALANCE IN ABBEY…………..82K ===========700$
BALANCE IN HSBC……………..50K========350 $
Be Very Carefull When Dealing With Someone Dnot Loose Your Money To Fucking Rippers
And We Hope To Give The Best Stuff You Will Love Dont Forget That We Need More Customers.
Contact Details
——————————————————
Yahoo Id: Duong_bmt50
Yahoomail: Duong_bmt50@yahoo.com
Icq: 624558010
— My Private Email: Duong_bmt50@hotmail.com
hello
all these things you guys doing here is fake inorder to get money from guys posting alot of things in here
Carding
I have cc top up,.rdp,smtp, socks, dumps without pin, cvv all countries, shopping etc. contact me at devilmugu99@yahoo.com..cheers