28-year old Albert Gonzalez faces wire fraud and conspiracy charges for hacking into companies' sites to steal customers' data. Investigators believe Gonzalez and at least two Russian co-conspirators used a "SQL injection" attack to infiltrate the databases of many large corporations. By exploiting errors in coding, they found a way in the databases and "injected" new coding which basically rerouted sensitive customer data. Investigators believe Gonzalez may have gained access to as many as 130 million card numbers!
While authorities note this particular attack was a well-organized and highly-sophisticated operation, the method of attack was actually fairly "standard" and codes which can accomplish the same thing are readily available online. However, there is little customers can do to combat it, aside from closely monitoring monthly statements for any unauthorized transactions.
If convicted, Gonzalez could spend up to 25 years in jail.
© C Harris Lynn, 2009
No comments:
Post a Comment