
Prosecutors crack down on history’s largest data breach

Over 160 million credit card numbers were stolen by five men known as the Shadowcrew.

Disaster recovery planning should be a necessity for businesses of all sizes. Failing to prepare for possible cyber attacks could mean a lengthy and expensive recovery process. Several large companies are currently working to bounce back from the largest data breach in United States history.

A group known as the Shadowcrew is responsible for accessing sensitive information from 7-Eleven, JC Penney and other major retailers. Credit card companies like Discover and Heartland Payment Systems were also affected, with over 160 million charge card numbers stolen. However, the most prominent victim was the NASDAQ stock market, according to NBC News.

Shadowcrew's scheme to gain access to NASDAQ began two years into its other operations, which started in 2005. Prosecutors are unsure of the total value of damages from the four Russians and one Ukrainian currently suspected of the crimes, according to the New York Times. Heartland Payment Systems alone reported a loss of $200 million. Shadowcrew leader Albert Gonzalez was arrested in 2008 and then worked with investigators. However, he continued to help his former team members at the same time.

"This type of crime is the cutting edge," U.S. Attorney Paul Fishman said in the Department of Justice's press release. "Those who have the expertise and the inclination to break into our computer networks threaten our economic well-being, our privacy and our national security."

What members of the Shadowcrew were able to accomplish within the U.S. and overseas in Europe is considered one of the largest data breaches the U.S. has ever prosecuted, NBC News explained.

How they were able to get away with it

Coordinating an operation this large took a lot of patience. Tasks were divided among suspects Vladimir Drinkman, Alexandr Kalinin, Mikhail Rytikov, Dmitriy Smilianets and Roman Kotov to prevent detection.

Rytikov created the hosting services that allowed Drinkman and Kalinin to enter encrypted servers. Kotov searched the networks, and Smilianets divided their funds and resold the swiped data, according to CNN Money. Shadowcrew also inserted structured query language (SQL) into emails and computers to get access to active credit card numbers while transactions occurred.

"They were very patient and relentless," Fishman told the New York Times.

From there, crew members provided these stolen numbers to resellers that sold U.S. credit card numbers for $10, while European accounts went for $50. Defendants said American cards were cheaper due to their lack of magnetic card security.

At one point, Shadowcrew members subscribed to Google News alerts to see what news stations would say about their data breaches. This information was helpful to their scheme because they knew when they had to move on to another corporation.

Where the Department of Justice goes from here

Shadowcrew's ringleader Albert Gonzalez is serving a 20-year sentence in prison, possibly more for aiding the other five individuals. Smilianets is in U.S. custody, and Drinkman was arrested in the Netherlands and is awaiting his extradition hearing. The other three men are still at large.

Each suspect should expect to face charges of wire fraud, conspiracy and unauthorized access to computers. Wire fraud alone has a maximum sentence of 30 years in prison, while the other charges carry additional penalties that might total another 30 years.

Companies that partner with business continuity consultants who specialize in disaster recovery planning will have the expertise and tools to protect themselves from future data breaches.