Officials Begin Credit Card Data Theft Crackdown

from the will-it-matter? dept

Wed, Mar 29th 2006 2:18am — Mike Masnick

Officials in the US and the UK are talking about a new operation designed to take down the major players involved with the online trade in pilfered credit card info. The US arrested seven people yesterday, apparently bringing the total to 21 in the last three months. It's good to see some sort of response from the government, but does anyone think this will actually have even the slightest impact on the traffic of credit card info or on data breaches involving credit card info? By all means, the feds should be going after the criminals, but the real solution to this problem isn't in punishing the thugs involved, but coming up with a better system to protect people's financial info. That means that simply having a collection of numbers stored in some database shouldn't be enough to do any damage.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

16 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

giafly, 29 Mar 2006 @ 3:27am

From the Yes it Will dept
Re: does anyone think this will actually have even the slightest impact on the traffic of credit card info or on data breaches involving credit card info?

Yes, but not much.
[ link to this | view in chronology ]
Andrew Strasser, 29 Mar 2006 @ 3:54am

I think it will.
With the technology we have today it should be rather easy to bring down some major players. Once some major players start to fall the little guy's will see what fates are in front of them and be more easily dissuaded from "Doing the Bad." Whatever that may be. I think this is excellent and a very needed response to a growing intl. concern.
[ link to this | view in chronology ]
Mitch, 29 Mar 2006 @ 4:38am

Website errors
Hey Mike I think something is going on with the site. All articles are coming with these errors at the top of the page.

Warning: connect(): Can't connect to gamma.techdirt.com:11211, Unknown error (0) in /home/gamma/www/includes/techdirt-functions.php on line 484

Warning: connect(): Can't connect to gamma.techdirt.com:11211, Unknown error (0) in /home/gamma/www/includes/techdirt-functions.php on line 809

Warning: connect(): Can't connect to gamma.techdirt.com:11211, Unknown error (0) in /home/gamma/www/includes/techdirt-functions.php on line 623

Warning: set(): cannot find connection identifier in /home/gamma/www/includes/techdirt-functions.php on line 650

Warning: connect(): Can't connect to gamma.techdirt.com:11211, Unknown error (0) in /home/gamma/www/includes/techdirt-functions.php on line 292
[ link to this | view in chronology ]
- dani, 29 Mar 2006 @ 5:21am
  
  Re: Website errors
  Yep, thats happening to me too. And an error on the home page with
  Warning: connect(): Can't connect to gamma.techdirt.com:11211, Unknown error (0) in /home/gamma/www/includes/techdirt-functions.php on line 545
  
  But everythings seems to be working fine.
  [ link to this | view in chronology ]
Brad Martin, 29 Mar 2006 @ 5:12am

greate work feds!
"but the real solution to this problem isn't in punishing the thugs involved, but coming up with a better system to protect people's financial info."

This is like saying that when someone shoots and kills someone else, punishing the thugs isn't the problem, you need to make safer weapons.

The card industry is working hard to protect us and the governments also need to. PCI-DSS (google it) is a great start to ensure security.

It would be great to see some federal laws that in conjunction with the PCI-DSS to make sure that retailers are compliant.
[ link to this | view in chronology ]
- ehrichweiss, 29 Mar 2006 @ 7:33am
  
  Re: greate work feds!
  "This is like saying that when someone shoots and kills someone else, punishing the thugs isn't the problem, you need to make safer weapons."
  
  I like what you have to say but your analogy is ultra-weak here. Punishing the criminals isn't the problem...that's a *consequence* of their actions; the problem is that we own the "weapons" and there are no protections to keep them from being stolen from, and consequently used on, US. We don't need safer guns, we need better gun safes.
  [ link to this | view in chronology ]
  - Aixkami, 29 Mar 2006 @ 9:59am
    
    Re: Re: greate work feds!
    Isn't that the Dem's mantra related to Guns and crime in general? "Don't punish the people committing the (insert crime here, ex: child molestation, murder, rape, etc), build safer weapons!?"
    [ link to this | view in chronology ]
john, 29 Mar 2006 @ 5:20am

The trade of private info.
The technology that is used in credit cards is really vulnerable. Every Tom, Dick and Harry is able to crack it. The government has not yet been able to do anything substantial. It should start by taking down the big players and then think about coming up with better software.
[ link to this | view in chronology ]
Mike Phillips, 29 Mar 2006 @ 6:14am

Another Wonderful Idea
Any information stored on the web is vulnerable and that's that! You can not hope to compete with criminals that have some of the highest recorded IQs and are at it 17 hours a day. If they want the information it is available. The majority of the problem is internal (but none will admit it). As for this comment:

"I think it will. by Andrew Strasser on Mar 29th, 2006 @ 3:54am
With the technology we have today it should be rather easy to bring down some major players. Once some major players start to fall the little guy's will see what fates are in front of them and be more easily dissuaded from "Doing the Bad." Whatever that may be. I think this is excellent and a very needed response to a growing intl. concern."

The majority of the individuals involved in this sort of activity operate without fear of prosecution, this is due mostly to the fact that they are located out of US jurisdiction, think Germany, Czech Republic ,29A and Marek Strihavka.

One must also take into consideration that the majority of the virus-writers,crackers,hackers whatever, work for the company's that are creating your internet security programs! Don't you love it!

To sum it up, if you store sensitive information on the web you are vulnerable, now and forever!
[ link to this | view in chronology ]
Vik B, 29 Mar 2006 @ 8:21am

Data by itself can be stolen anytime
Data by itself can be stolen anytime. whether it may be credit card numbers or username passwords.

what i do not understand is the way we are dealing with the issue, we keep our door open and then blame the people for coming in. your credit card, your identity is always out there in the open. anyone with your credit card can use it.

but if you had a lock on the card or your personal credit, they could not.

wouldnt it be better to place a lock on your assets.
[ link to this | view in chronology ]
Mick Savage, 29 Mar 2006 @ 8:22am

Dolts. All of the politicians and sheeple.
Think this makes you "safe"?
The idiots that dreamed up the "security" are the same ones trying to fix their defects? That is like tasking the torturers in Iraq to police themselves.
Don't you all get it? There are no solutions. As the other posters note in the comments to this post - there is no "safety".
Duh...
[ link to this | view in chronology ]
David, 29 Mar 2006 @ 10:42am

I'm Glad
For Being one that was recently spoofed, I'm glad the gov't is doing something about it. Also, these such hackers go after big corporations like banks, that have hold alot of information and at times become very vunerable. There are alot of STATIC leaks everywhere that can be, w/ a ingenius mind, be put all back together again.
[ link to this | view in chronology ]
Anonymous Coward, 29 Mar 2006 @ 11:03am

Con games will always exist
The difficulty is the system, I agree. But when you over-engineer these systems, you lose valuable capabilities and limit use. Credit card theft, identity theft, etc. are for the most part con games. The system makes some assumptions that people will play fair and that people will recognize scams. Almost any system can be hacked, and the ones that are locked tight are prohibitively expensive.
Now the recent bank PIN debaucle is ridiculous and is a true system error. Stores should not see this information to have the ability to store it. All the store should need is an approval from the verified credit processor.
[ link to this | view in chronology ]
Andrew Strasser, 29 Mar 2006 @ 12:25pm

Con games will always exist
Now the recent bank PIN debaucle is ridiculous and is a true system error. Stores should not see this information to have the ability to store it. All the store should need is an approval from the verified credit processor.

I must totally agree there that that is ridiculous because by just the mention of it how many stores have been hacked to see if they have that info....

Then with that... Of all the countries you mentioned, I'd go to none really to hide from the U.S as they all have extradition treaties. Laws are laws.
[ link to this | view in chronology ]
adam, 22 Apr 2006 @ 4:36pm

(none)
[ link to this | view in chronology ]
credit card safety, 16 Jan 2007 @ 9:49pm

protect your financial info
"but the real solution to this problem isn't in punishing the thugs involved, but coming up with a better system to protect people's financial info." But you can do something to protect your personal info: 1. when you write a check, never allow salers to write down your credit card number on the check. 2. when you pay with credit card, never let the salesperson write down your social security number. 3. never give your credit card account number over the telephone! 4. before entering your credit card number into any website make sure you know exactly who you�re dealing with and that their reasons for needing your credit card number are legitimate
[ link to this | view in chronology ]