By Iain S Bruce
August 24, 2008
AN INTERNATIONAL criminal gang has pulled off one of the most audacious
cyber-crimes ever and stolen the identities of an estimated eight
million people in a hacking raid that could ultimately net more than
2.8billion in illegal funds.
A Sunday Herald investigation has discovered that late on Thursday
night, a previously unknown Indian hacker successfully breached the IT
defences of the Best Western Hotel group's online booking system and
sold details of how to access it through an underground network operated
by the Russian mafia.
It is a move that has been dubbed the greatest cyber-heist in world
history. The attack scooped up the personal details of every single
customer that has booked into one of Best Western's 1312 continental
hotels since 2007.
Amounting to a complete identity-theft kit, the stolen data includes a
range of private information including home addresses, telephone
numbers, credit card details and place of employment.
"They've pulled off a masterstroke here," said security expert Jacques
Erasmus, an ex-hacker who now works for the computer security firm
Prevx. "There are plenty of hacked company databases for sale online but
the sheer volume and quality of the information that's been stolen in
the Best Western raid makes this particularly rare. The Russian gangs
who specialise in this kind of work will have been exploiting the
information from the moment it became available late on Thursday night.
In the wrong hands, there's enough data there to spark a major European
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!