http://www.computerworld.com/s/article/9220078/Man_stole_data_from_U.S._service_members_via_P2P By Robert McMillan IDG News Service September 16, 2011 A California man who dug up sensitive information belonging to U.S. service members on peer-to-peer networks, and then used it to order iPods, cameras, and even washing machines from an online store, was sentenced to 75 months in federal prison Thursday. Rene Quimby, 42, had already pleaded guilty to fraud and identity theft charges in May. According to court filings, Quimby stumbled upon the scam four years ago after uncovering military rosters listing sensitive information online. His victim was the Army and Air Force Exchange Services (AAFES), the organization that does about US$10 billion in business annually, running the post exchange retail outlets on military bases. "Quimby learned of the AAFES.com website when he downloaded a file that contained a service member's username and password for an AAFES account," reads a factual resume signed by Quimby in May when he entered his guilty plea. "He then learned that he could use service members' social security numbers and dates of birth to log into the site." His next move was to chat with the website's customer support staff. Using the same stolen information to answer their security questions, he'd get them to tell him the victim's STAR credit card number, used to make purchases with the AAFES. He then would spend as much as he could in an online shopping spree, buying computers, cameras, iPods, even washing machines. He'd have the goods mailed to different addresses in California, where he'd pick them up and fence them. [...] _____________________________________________________________ Register now for the #HITB2011KUL - Asia's premier deep-knowledge network security event now in it's 9th year! http://conference.hitb.org/hitbsecconf2011kul/Received on Mon Sep 19 2011 - 01:15:05 PDT
This archive was generated by hypermail 2.2.0 : Mon Sep 19 2011 - 01:34:02 PDT