Indian police said yesterday that they have detained a Ukranian man charged in the U.S. with stealing some 40 million credit and debit card numbers.

Sergey Storchak was detained after he landed in New Delhi on a domestic flight from the southwestern holiday state of Goa on Monday, a police spokesman said. He is one of 11 people wanted by the U.S. Justice Department in "the largest hacking and identity theft case ever prosecuted," which was filed in August 2008.

Besides Storchak, three Americans, two Ukrainians, two Chinese, one Estonian, a Belarussian and an unidentified suspect are on the wanted list, the Justice Department said.

The group is accused of obtaining credit and debit card numbers by hacking into the computer networks of major U.S. retailers -- including Barnes & Noble, OfficeMax, shoe retailer DSW, and Sports Authority.

Once inside the network, "sniffer programs" captured credit card numbers, passwords, and account information, police said. The data was stored in encrypted servers controlled from Eastern Europe and the United States.

Some stolen numbers were sold to other criminals, while others were encoded on blank cards and used to withdraw tens of thousands of dollars from bank machines, the Justice Department statement says.

According to news reports Storchak was arrested after a tip-off by the FBI. He was identified by a photo and the airline's passenger list, the reports say.

The FBI will have to formally apply for Storchak's extradition to take him to the United States.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.