If you've ever been tempted to sniff traffic on an unsecured (or WEP secured, which is pretty close to being unsecured for all practical purposes) for fun and profit, think again – it's got eleven people in trouble with retail chain TJX.
The international list of defendants – which includes three US citizens, an Estonian national, three Ukrainians, two hailing from China, a shadowy individual who appears to only exist under a web nickname, and a Belarusian according to CNet
– stand accused of obtaining credit and debit card details for over forty million
individuals in a range of retailers, most famously the TJX
group of companies which includes TJ Maxx, Marshalls, and TK Maxx here in the UK. The spree started with that old favourite, wardriving – closely followed by penetration of the insecure networks and installation of network sniffers to grab and store the data.
The three individuals unlucky enough to be on US soil when the midden hit the windmill – Albert Gonzalez, Christopher Scott, and Damon Patrick Toey – have found themselves up before the beak on charges of computer fraud, wire fraud, access-device fraud (whatever that
is), aggravated identity theft and conspiracy. The others have found themselves indicted under similar charges, with Gonzales, Maksym Yastremskiy, and Aleksandr Suvorov currently being held in custody. The remaining members are, however, “at large” - which is cop speak for “we have no idea where they are.”
Whether the remaining members of what is described by mainstream media as a “major criminal hacking gang” will ever be found and brought to justice remains to be seen – extradition from friendly countries like the Ukraine is hard enough, but it's almost unheard of for the Chinese to hand a national over to the US.
Do you know anyone who was affected by the TJX break-in? Looking forward to seeing justice done in the case of the “TJX Eleven”? Share your thoughts over in the forums