{"id":1967,"date":"2012-06-29T00:00:00","date_gmt":"2012-06-29T00:00:00","guid":{"rendered":"http:\/\/otava.test\/international-credit-card-data-theft-operation-revealed\/"},"modified":"2012-06-29T00:00:00","modified_gmt":"2012-06-29T00:00:00","slug":"international-credit-card-data-theft-operation-revealed","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/international-credit-card-data-theft-operation-revealed\/","title":{"rendered":"International Credit Card Data Theft Operation Revealed"},"content":{"rendered":"

A two-year FBI operation led to the arrest of 24 credit cardholder data thieves from eight different countries – the crime ring, dubbed \u201cOperation Card Shop,\u201d involved the buying and selling of stolen identities, credit cards, counterfeit documents and hacking tools, according to DarkReading.com.<\/p>\n

One defendant sold malware with remote access tools that allowed hackers to view and remotely control an infected computer. If the user visited a banking website and logged into their account, the hacker could record and use the information to access their account and resources.<\/p>\n

Another hacker stole data from internal databases of banks, hotels and several online retailers, and mistakenly sold the credit cardholder data to an undercover FBI agent. Another defendant had information for more than 50,000 credit card accounts that he used to sell counterfeit encoded credit cards. One hacker sold information he stole by hacking into an online hotel booking site – including cardholder names, addresses, Social Security numbers, birthdates, mother\u2019s maiden names and bank account information.<\/p>\n

The massive crime ring exemplifies the need to secure databases and credit cardholder data by using a multi-layered approach – the requirements of PCI DSS compliance address many vulnerabilities and areas that can be secured with the right technology. PCI technical requirements include (but might not be limited to):<\/p>\n