Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stratfor Breach Leads To Over $700k In Fraud

Posted by Soulskill on from the send-them-a-bill dept.

wiredmikey writes "It isn't often that after a data breach involving credit cards, the public is given information on the exact amount money lost by consumers as a result. Thanks to the FBI, however, we now have a better understanding of what 60,000 stolen credit cards translates to financially, as this data was included in their investigation notes while working the Stratfor case. The last time the public had something close to actual stats from the source, we learned that the TJX breach cost Visa $68 million in 2007, two years after the TJX network was compromised by Albert Gonzalez. Yet, those were Visa's estimates. Now, in the aftermath of the Stratfor breach, the FBI has attributed $700,000 worth of charge fraud to the 60,000 credit card records taken during the network compromise. AntiSec supporters walked away with 860,160 usernames and passwords, in addition to the credit card records."

8 of 68 comments (clear)

  1. So here we have the real motive by msobkow · · Score: 5, Insightful

    Money.

    Not "leaked documents" or "liberated intelligence."

    Plain old fashioned credit card fraud.

    --
    I do not fail; I succeed at finding out what does not work.
    1. Re:So here we have the real motive by IamTheRealMike · · Score: 5, Informative

      No, I think the real motivation was ideological if you read the profiles of Hammond. He used the stolen numbers to donate to charity.

      The problem is, he's an idiot who doesn't understand how credit cards work. Fraudulent charges to charities actually hurts them because they get fined when chargebacks occur. So they don't get to keep the money, they lose extra money on top, and VISA/MC have a habit of disconnecting you from the credit card system entirely if they get too many chargebacks.

      It's really tough to imagine a nastier or more stupid thing to do than use stolen credit cards with charities.

    2. Re:So here we have the real motive by Man+On+Pink+Corner · · Score: 5, Interesting

      It's really tough to imagine a nastier or more stupid thing to do than use stolen credit cards with charities.

      Maybe that was Hammond's whole idea. By feeding bogus credit-card donations to controversial charities like the Church of Scientology, ACLU, NRA, or Freedom From Religion Foundation, you could effectively DoS them, as far as their ability to take Visa/MC is concerned.

  2. The real losers by IamTheRealMike · · Score: 5, Informative

    What the summary doesn't make fully clear IMHO is that the cost of this fraud is not carried by VISA or the banks, but rather passed on to merchants ... who ultimately pass the cost on to anyone who uses credit cards. That is unfortunate, because it means the organizations financially incentivized to solve fraud are the ones who can't do anything about it. The organizations who can make these things more secure don't pay the price, which may explain why credit cards are still so insecure.

  3. Charge fraud is the new armed bank robbery by VinylRecords · · Score: 5, Interesting

    Credit card fraud is a huge illegal industry. It finances drug gangs and cartels, terrorists, small organized crime, major organized crime (mafia), and occasionally the rogue individual hacker. It's the new form of armed bank robbery. Instead of guns they use computers though.

    Of course while $700K in fraud by a few people is nothing to ignore, it is a bit ridiculous that the FBI devotes so many resources to catching these scumbags, while virtually ignoring the guys who swindle billions of dollars through stocks, insider trading, and pyramid schemes.

    1. Re:Charge fraud is the new armed bank robbery by fuzzyfuzzyfungus · · Score: 5, Interesting

      At least doubly ridiculous in this case because Stratfor was 0wned after the FBI had infiltrated lulzsec, by the FBI's mole, using (in part) FBI provided server space to disseminate the goods...

      Given lulzsec's generally loose-cannon approach, it isn't clear that the FBI had to put them up to it; but the FBI certainly did stand by and do some case building while they knowingly watched Stratfor and their customer lists burn... I'll be interested to see if that ends up being awkward for them in some way...

    2. Re:Charge fraud is the new armed bank robbery by Theophany · · Score: 5, Insightful

      The FBI "virtually ignore" them because it's the SECs job. That's like bemoaning the LAPD because it spends no time solving homicides in NYC.

    3. Re:Charge fraud is the new armed bank robbery by nedlohs · · Score: 5, Informative

      Not quite. The FBI also invetigate such cases - sometimes with the SEC sometimes without.

      The funny thing is they've kicked it up in the last couple of years (with about 60 convictions), but the OP is too slow to notice:

      http://www.cnbc.com/id/46623058/FBI_Expands_Crackdown_on_Insider_Trading