More alleged cybercriminals behind the record-breaking data breach of Heartland Payment Systems and other companies were named today in newly unsealed federal indictments that reveal more breached organizations.

In what federal officials are calling the largest-ever data breach scheme prosecuted in the U.S., five men from Russia and the Ukraine have been indicted for hacking into computers at NASDAQ, 7-Eleven, Carrefour, JCP, Hannaford, Heartland, Wet Seal, Commidea, Dexia, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore, and Ingenicard.

Most of the breaches began with SQL injection attacks on the victim organizations' databases; once inside, the attackers planted backdoor malware to retain a foothold in the networks, from which they pilfered some 160 million credit card accounts, amounting to hundreds of millions of dollars in financial losses, according to the U.S. Attorney's Office in New Jersey. Three of the victim companies reported $300 million in losses. Read full story on Dark Reading


Post a comment to the original version of this story on Dark Reading