How the TJX and Heartland Hackers Worked

The group of hackers alleged to have broken into the networks of a string of companies, including TJX, Hannaford and Heartland Payment Systems, were in no hurry once they worked their way into the companies’ systems. In fact, they had plenty of time to do their dirty work, in some cases sitting inside the networks and stealing data for as long as a year.

Heartland, TJX Attacks Look Sadly Familiar

The news that federal authorities have indicted the man they claim is responsible for the TJX attack for also allegedly hacking into the networks of Heartland Payment Systems, 7-Eleven and the Hannaford Brothers grocery chain shows that law enforcement is indeed stepping up its work on cybercrime. But it also provides what is probably the clearest evidence to date that the people executing these attacks are highly competent, organized and motivated.

Three Indicted For Hack Attacks on Heartland, Hannaford

A Miami man and two Russians have been indicted [usdoj.gov] by a grand jury in New Jersey on charges of conspiring to commit some of the largest data breaches in U.S. history.

Albert Gonzalez, 28, and the two still-unnamed Russian citizens are charged with running an international scheme to steal more than 130 million credit and debit card numbers along with personally identifying information from five companies, including Heartland Payment Systems Inc., 7-Eleven Inc. and Hannaford Brothers Co. The two other companies were not named in the indictment because their breaches have not yet been made public.  Read the full story [computerworld.com]  Here’s a PDF link to the indictment [washingtonpost.com]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.