Russian hacker charged in multiple credit card breaches

By Chad Hemenway on July 10, 2014

credit-cardsTHUMBFederal authorities said the hacker known as nCuX, Bulba and other online aliases was Russian hacker Roman Seleznev.

Seleznev allegedly was part of a hacking group that targeted restaurants between 2009 and 2011 and stole credit card data from point-of-sale terminals and operating websites to sell the cards, according to a 29-count indictment in the Western District of Washington from 2011, now unsealed. He was recently arrested by the US Secret Service and will remain in custody awaiting trial.

“This scheme involved multiple network intrusions and data thefts for illicit financial gain,” said Julia Pierson, director of the U.S. Secret Service, in a statement. “The adverse impact this individual and other transnational organized criminal groups have on our nation’s financial infrastructure is significant and should not be underestimated.”

Meanwhile, Russian officials are claiming American authorities kidnapped Seleznev and took him to Guam.

The charges in the indictment include five counts of bank fraud, eight counts of intentionally causing damage to a protected computer, eight counts of obtaining information from a protected computer, one count of possession of 15 or more unauthorized access devices, two counts of trafficking unauthorized access devices, and five counts of aggravated identity theft.

The Broadway Grill restaurant in Seattle was specifically mentioned in the indictment as a target of Seleznev. The restaurant closed in April 2013 due to a breach that exposed more than 30,000 credit cards. Other Seattle-area small businesses were affected by Seleznev’s alleged scheme to install malware, including a baker, two pizzerias and an Italian restaurant.

Seleznev also allegedly used malware to steal credit card information from Schlotzsky’s Deli in Idaho, Active Networks in Maryland, Days Jewelry in Maine, Latitude Bar and Grill in New York, Grand Canyon Theatre in Arizona and the Phoenix Zoo.

In a separate indictment out of the District of Nevada, Seleznev was charged with participating in a racketeer influenced corrupt organization (RICO) and conspiracy to engage in a racketeer influenced corrupt organization. He was also charged with two counts of possession of 15 or more counterfeit and unauthorized access devices.

Chad Hemenway is Managing Editor of Advisen News. He has more than 15 years of journalist experience at a variety of online, daily, and weekly publications. He has covered P&C insurance news since 2007, and he has experience writing about all P&C lines as well as regulation and litigation. Chad won a Jesse H. Neal Award for Best Single Article in 2014 for his coverage of the insurance implications of traumatic brain injuries and Best News Coverage in 2013 for coverage of Superstorm Sandy. Contact Chad at 212.897.4824 or [email protected].