LONDON: An unknown Indian hacker is being charged with the greatest cyber heist in history for allegedly helping a criminal gang steal identities of an estimated eight million people in a hacking raid that could ultimately net more than £2.8 billion in illegal funds.An investigation by Scotland's Sunday Herald newspaper has discovered that late on Thursday night a previously unknown Indian hacker successfully breached the IT defences of UK-based Best Western Hotel group's online booking system and sold details of how to access it through an underground network operated by the Russian mafia.
There are no details yet on how the hacker was identified to be an Indian and if a probe is on to identify the person.
The attack scooped up personal details of every single customer that has booked into one of Best Western's 1312 continental hotels since 2007. Amounting to a complete identity-theft kit, the stolen data includes a range of private information including home addresses, telephone numbers, credit card details and place of employment.
"They've pulled off a masterstroke here," said security expert Jacques Erasmus, an ex-hacker who now works for the computer security firm Prevx.
"There are plenty of hacked company databases for sale online but the sheer volume and quality of the information that's been stolen in the Best Western raid makes this particularly rare... In the wrong hands, there's enough data there to spark a major European crime wave."
The nature of internet crime makes it extremely difficult to track the precise details of the raid, but the newspaper understands that a hacker from India — new to the world of cyber crime — succeeded in bypassing the system's security software and placing a Trojan virus on one of the Best Western Hotel machines used for reservations. The next time a member of staff logged in, her username and password were collected and stored.
With eight million people staying in the hotel group's 86,375 rooms every year, gaining access to the system is a major coup for the cyber-criminals responsible. Given that criminals now have access to all bookings from 2007-2008, and based on FBI-sponsored Internet Crime Complaint Center's reports that the average victim of internet crime loses £356, they are sitting on a potential haul of at least £2.84 billion.
No comments:
Post a Comment