[custom_frame_center shadow=”on”][/custom_frame_center]
A data breach is an incident in which sensitive, protected or confidential data has potentially been viewed, stolen or used by an individual unauthorized to do so.
Adware
As if ads weren’t pervasive enough on the Web, some cyber criminals would have them invade your PC itself. Last June 2008, 21-year-old Robert Matthew Bentley was sentenced to 41 months in prison for taking part in an organized cyber crime ring that installed “adware” – malicious software that causes ads to appear on hundreds of victims’ computers. Bentley is likely part of a much larger criminal organization: The case’s full indictment, which also includes charges against unnamed co-conspirators and involves law enforcement agents in England and France as well as four U.S. states, remains sealed.
Counterfeit Software
Distributing pirated software is a common enough crime. But few manage to sell quite as much of it as 24-year-old Timothy Kyle Dunaway, who pleaded guilty last October to selling more than $1 million worth of counterfeit software on more than 40 e-commerce sites he hosted in Vienna, Austria and Malaysia. Dunaway was sentenced to 41 months in prison and was forced to forfeit the Ferrari 348 TB and Rolex watch he bought with his illicit revenues.
Identity Theft
Digital intrusion and identity theft don’t always require technical hacking skills. In the case of Precious Matthews, Ezenwa Onyedebelu and Brandy Anderson, it required only careful research. The three pleaded guilty in November to an identity theft scheme that used publicly available Web databases to search for individuals with large balances in home equity line of credit accounts and also to determine the answers to security questions like the victim’s mother’s maiden name. Using that personal information, they were able to convince customer service representatives for the victims’ banks to transfer millions out of their targets’ accounts.
Insider Data Theft
Subprime mortgage loans weren’t the only rotten things at now-defunct Countrywide Home Loan last year. So, it seems, was Rene Rebollo, who allegedly spent his Sundays over the course of two years downloading customer data onto a USB thumb drive and selling it to identity thieves. Rebollo was arrested in August of last year and faces up to five years in prison.
Swatting
Phreaking, the phone-based hacking culture pioneered in the 1950s, hasn’t disappeared. But it has become more malicious. Last May, Stuart Rosoff, Jason Trowbridge and Chad Ward were sentenced to 60 months in prison for a scheme known as “swatting.” The trio gained access to their targets’ phone account information by hacking into phone company servers or tricking company employees. They then used that information to spoof emergency phone calls from victims’ homes, causing police SWAT teams to break down their doors and terrify them.
Distributed Denial of Service
Phishers and data thieves typically steal data wherever they’re available. cyber criminals who launch so-called distributed denial of service attacks are more discriminating. DDOS attacks work by installing hidden software on thousands of unwitting users’ machines and using those zombie PCs to flood a target with requests for information. On May 11, 19-year-old Dimitry Guzner pleaded guilty to charges that he had used that crowd-sourced crime tactic to shut down several Church of Scientology Web sites. Last June, 21-year old Gregory King admitted he used a similar trick to shut down Castlecops, a cyber crime prevention site.
Stock Spam
The last few years saw the rise and fall of a new form of spam e-mail: stock spam that cyber criminals used to convince recipients to buy a company’s shares before the spammer dumped his or her stake in the company. Over the last year, three members in a major stock spam ring allegedly led by 52-year old Alan Ralsky pleaded guilty to sending tens of millions of spam e-mails to tout Chinese penny stocks, selling their shares for millions in gains. As the Securities and Exchange Commission has frozen trading of spammed stocks and the FBI has cracked down on stock spam rings, many of the schemes have evaporated.
Phishing Spam
For years, cyber crime has been moving from the U.S. to Eastern Europe and Asia, where it’s equally lucrative and far harder to prosecute. But one cyber criminal recently moved in the opposite direction. In March, Ovidiu-Ionut Nicola-Roman, a Romanian citizen, became the first foreigner to be extradited to the U.S. and convicted of phishing. Nicola-Roman was sentenced to 50 months in prison. His case marks the first sentence in the prosecution of a cyber criminal ring that has allegedly sent more than a million spam e-mails imitating bank notices, designed to trick recipients into entering their account information.
Data Theft
In 2008, the TJX Companies revealed that it had suffered a massive data breach: Hackers had intercepted and stolen around 50 million credit card numbers traveling across the wireless network of its TJ Maxx retail store. More than 18 months later, an equally massive bust followed. Eleven individuals from Estonia, Ukraine, China, Belarus and the U.S. allegedly formed a sophisticated hacking team, breaking into the wireless networks of TJ Maxx and other retailers from the stores’ parking lots, siphoning off account details, and using them to withdraw millions of dollars from ATMs.