10 Massive Security Breaches

Authorities on Friday announced the arrest of 111 people in what they're calling the biggest identity theft bust in U.S. history.

"This is by far the largest--and certainly among the most sophisticated--identity theft/credit card fraud cases that law enforcement has come across," said Richard A. Brown, the district attorney of Queens, N.Y., in a statement announcing the arrests.

"Many of the defendants ... are accused of going on nationwide shopping sprees, staying at five-star hotels, renting luxury automobiles and private jets, and purchasing tens of thousands of dollars worth of high-end electronics and expensive handbags and jewelry with forged credit cards that contained the account information of unsuspecting consumers," said Brown.

[The smart money treats data breaches as a 'when' not an 'if,' proposition Is your data breach response ready for primetime?]

Authorities said that the investigation--dubbed "Operation Swiper"--began in 2009, and grew to involve not just physical surveillance, but also "court-authorized electronic eavesdropping on dozens of different telephones in which thousands of conversations were intercepted--many of which required translation from Russian, Mandarin, and Arabic to English."

Prosecutors said the arrests involved five different identity theft and credit-card-forgery rings, operating for a year and a half out of Queens County, in New York City, but with ties to Europe, Asia, Africa, and the Middle East. So far, more than 90 of the defendants have been charged with corruption under New York's Organized Crime Control Act. Other charges included identity theft and robbery. Notably, five people were charged with stealing cargo worth $95,000 from Kennedy Airport, and seven were accused of stealing computer equipment worth at least $850,000 from the Citigroup Building in Long Island City.

According to the indictments, the criminal rings fraudulently obtained credit card numbers, then used them to manufacture fake credit cards and identification. From there, teams were deployed as mules on shopping expeditions to purchase such goods as high-end electronics, handbags, and jewelry--often based on the ease with which the goods could later be fenced--and then sending it back to ringleaders via Federal Express and UPS. Authorities also accused the mules of using the fake credit cards to stay in high-end private villas and luxury hotels, to rent Lamborghinis and Porsches, and in one case, even renting a private jet to make a run from New York to Florida.

As part of the investigation, last week court-authorized search warrants were executed at 15 New York City and Long Island locations, several of which served as "mills" for generating fraudulent documents, said authorities. The raids recovered about $650,000 in cash, seven handguns, a box truck--filled with electronics, jewelry, and shoes--as well as credit card skimmers, fake identification, and blank credit cards.

According to the indictments, U.S. and European consumers, retail businesses, as well as financial institutions--including American Express, American Express, MasterCard, and Visa--collectively suffered $13 million in losses as a result of the gangs' activities. But the amount of losses may continue to mount. "Even after the culprits are caught and prosecuted, their victims are still faced with the difficult task of having to repair their credit ratings and financial reputations. In some cases, that process can take years," said Brown.

"These weren't holdups at gunpoint, but the impact on victims was the same. They were robbed," said Raymond W. Kelly, police commissioner of New York City, in a statement. "We assigned detectives to financial crimes because of the potential victimization is so great, especially as the use of credits cards and their vulnerability to identity theft have grown along with the Internet."

According to the indictments, the crime rings were run by Imran Khan, Ali Khweiss, Anthony Martin, Sanjay (aka Rocky) Deowsarran, and Amar Singh. The indictments said that they sourced their skimming equipment, including blank credit cards, primarily from China, Lebanon, Libya, and Russia. Authorities also alleged that attorney Susan Persaud assisted Khan by advising his gang on techniques for evading law enforcement operations, and that she received stolen items--including designer shoes--as payment.

The indictments also accuse Fnu Gustawian, Kah Sheng Poh, and Allen Lam (aka Benny Ahoo) of selling--fencing--the stolen goods, alleging that Gustawain tended to handle the Apple products and electronics, while Ahdoot handled jewelry, including Rolex and Breitling watches.