The U.S. Justice Department declared indictments against 22 individuals who allegedly purchasing and using credit, debit, and gift cards that were stolen in a cyberattack from a National Retain Chain.
How the Cyberattack Carried Out?
Followed by the indictment unsealed, the cyberattack occurred in 2016 and 2017 when an individual installed a malicious software program on multiple computers of the retail chain, which is headquartered in Chicago.
The malware allowed the co-schemer to capture data from more than three million payment cards, including credit cards, debit cards, and gift cards, that had been used at more than 400 of the company’s retail stores.
Subsequently, the co-schemer sold the card data for $4 million in bitcoin to another individual, who in turn sold it online to thousands of others, including the 22 charged defendants, the indictment states.
The defendants used data from the cards to purchase items at businesses throughout the country, including restaurants, gas stations, and hotels, the charges allege. At least 80 people were victimized by the defendants’ conduct, the indictment states.
The indictment claims that one of the defendants purchased more than 13,000 payment cards stolen from the retail chain, while another purchased more than 6,000 such cards. Others purchased between 2,000 and 4,000 payment cards.
The U.S Charges 22 Individuals
The 22 individuals are charged for using the payment card information to make various purchases, including at gas stations, hotels, and restaurants.
The authorities said, “Twenty defendants were arrested this month and have begun making initial appearances in federal courts throughout the country”.
“Two defendants remain at large and are believed to be residing overseas. The investigation remains ongoing”. According to the Justice Department, each defendant faces up to 20 years in federal prison for charges of wire fraud and a two-year mandatory, consecutive prison sentence for aggravated identity theft.
To read the original article: