Federal prosecutors charged five men Thursday with stealing 160 million credit card numbers over the course of seven years, in what is being called the largest data theft case ever prosecuted in the U.S.
Paul Fishman, the U.S. attorney in New Jersey, said that hackers from Russia and Ukraine participated in a "worldwide scheme that targeted major corporate networks, stole more than 160 million credit card numbers and resulted in hundreds of millions of dollars in losses," reports Bloomberg Law.
Their collaborator in the far-reaching scheme was Albert Gonzalez, a hacker currently serving 20 years in federal prison for stealing credit card numbers from retailers including 7-Eleven and OfficeMax (OMX).
The stolen payment data was encoded onto magnetic strips and used to make purchases at merchants and withdraw money from ATMs. Reuters reports that corporate victims of the scheme include Visa (V), NASDAQ, J.C. Penney (JCP) and JetBlue (JBLU), and the U.S. attorney said that just three of the victimized companies account for $300 million in losses.
Federal law severely limits consumers' liability in cases of credit or debit card fraud, so such data breaches ultimately have the greatest impact on financial institutions. That doesn't mean they can't be a tremendous headache for cardholders, though -- especially those who don't notice the fraudulent charges right away.
And this case is yet another reminder that even the most careful consumers can become victimized by identity theft and financial fraud if the companies they do business with are breached. As such, it's important to take proactive steps to protect yourself, including monitoring your accounts carefully, setting up account alerts for unusual activity and signing up for an identity theft protection service.
Matt Brownell is the consumer and retail reporter for DailyFinance. You can reach him at Matt.Brownell@teamaol.com, and follow him on Twitter at @Brownellorama.
Seven Ways to Protect Your Identity