Tucson Man Gets 7 Years For Buying, Using Stolen Identities
The identity theft operation bought identities and credit card info from overseas suppliers and then used it to make phony cards to withdraw money from ATMs.
A Tucson, Ariz. man was sentenced to seven years in federal prison this week for buying stolen identities and credit card numbers.
Jacob Vincent Green-Bressler, 21, was sentenced in U.S. District Court to 84 months " 60 months for a felony conspiracy offense and a 24-month consecutive sentence for aggravated identity theft. He pleaded guilty on March 9 to conspiracy to commit offenses against the United States and aggravated identity theft, as well as a misdemeanor possession of stolen authentication features charge.
In addition to his prison sentence, the court ordered Green-Bressler to make restitution to the victim banks, forfeit property bought with his ill-gotten gains, and serve a three-year term of supervised release.
"While good headway has been made in clamping down on the hackers that sell stolen identities online, more action needs to be taken to stop the criminals that buy and use this information," said Graham Cluley, senior technology consultant at Sophos, in a written statement. "Tackling the identity theft problem is not just about stopping the suppliers. There are always more cybercriminals lurking out there ready to step into their shoes. It's just as important that anyone buying this information doesn't think they can get away scott free."
Green-Bressler's arrest came as part of a larger sting which netted 16 other people from the Tucson area involved with an identity theft operation. The Department of Justice reported that he and his co-conspirators possessed more than 4,500 illegally obtained credit and debit card account numbers and their relating personal identification numbers (PIN).
The U.S. Attorney's Office reported in a written release that Green-Bressler solicited stolen credit card information on Internet Relay Chat rooms and forums run by the suppliers. The suppliers advertised the stolen information they obtained using phishing, pharming and spam scams. Green-Bressler bought information on U.S. banking customers from suppliers located in Vietnam, Pakistan, Jordan, Egypt, Philippines, Macedonia, Romania, Estonia, Kosovo, Canada, Russia, United Kingdom, Panama, Morocco, Lebanon, Mexico, Australia, Lithuania, and France.
The information he received, according to the DOJ, included credit and debit card account numbers, associated PINs, algorithms, and proprietary information relating to the customer's account, including expiration dates, passwords, and Social Security numbers.
The defendant and his co-conspirators used the information to create fraudulent credit and debit cards. They then used the cards to withdraw money from ATMs. The DOJ noted that on March 9, 2005, Green-Bressler and two co-defendants used one of the counterfeit credit cards to withdraw about $148,000.
They would then wire half of the money they withdrew to the overseas suppliers. It's believed that they transferred more than $300,000.
The bill -- the Identity Theft Enforcement and Restitution Act of 2007 -- seeks, in part, to make sure identity theft victims are paid back for the time they spend trying to repair the damage inflicted upon them and their financial standing. The bill also would add to the current identity theft and aggravated identity theft statutes, which focus on stealing the identity of individuals. The bill supplements that by making sure people who steal information from companies and organizations can be prosecuted, as well.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.