11 charged in theft of 40 million account numbers

The Department of Justice today said that 11 people allegedly involved in the hacking of nine major US retailers and the theft and sale of more than 40 million credit and debit card number have been charged.

The scheme is believed to represent the largest hacking and identity-theft case ever prosecuted by the department. The charges include conspiracy, computer intrusion, fraud and identity theft.

The indictment alleges the defendants hacked into the wireless computer networks of major retailers including TJX Cos., BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever 21, and DSW.

‘‘While technology has made our lives much easier it has also created new vulnerabilities,’’ said US Attorney Michael J. Sullivan. ‘‘This case clearly shows how strokes on a keyboard with a criminal purpose can have costly results.’’

The indictment alleges the hackers installed programs to capture card numbers, passwords, and account information, and then concealed the data in encrypted computer servers that they controlled in Eastern Europe and the United States.

Three of the defendants are US citizens, one is from Estonia, three are from Ukraine, two are from China, and one is from Belarus. One individual is only known by an alias online, and his place of origin is unknown.

In an indictment returned today by a federal grand jury in Boston, Albert ‘‘Segvec’’ Gonzales of Miami was charged with computer fraud, wire fraud, access device fraud, aggravated identity theft, and conspiracy.

Also, indictments were unsealed in San Diego against Maksym ‘‘Maksik’’ Yastremskiy of Kharkov, Ukraine, and Aleksandr ‘‘Jonny Hell’’ Suvorov of Sillamae in Estonia. The indictments charge them with crimes related to the sale of the stolen credit card data.

Indictments against Hung-Ming Chiu and Zhi Zhi Wang, both of China, and a person known only by the online nickname Delpiero were also unsealed in San Diego.
(AP)