FRAMINGHAM (03/24/2000) - Two computer crackers who stole thousands of credit card numbers from electronic commerce sites and posted them on the Web were arrested yesterday in Wales, the FBI said today.
The two 18-year-old men, arrested by police in Dyfed-Powys, weren't identified, in keeping with British law.
The men, who law enforcement officials believe went by the cracker name Curador, allegedly broke into nine e-commerce sites, stole more than 26,000 credit card numbers and posted many of them on a Web site paid for with a stolen card, according to the FBI's National Infrastructure Protection Center.
Administrative costs related to the thefts could cost banks more than US$3 million, the FBI said. Officials are still calculating other losses, such as goods illegally charged to the stolen credit-card numbers.
In one of the attacks in February, the cracker hit Promobility Inc. in Markham, Ontario. The wireless phone seller saw thousands of credit card numbers downloaded from Web sites it runs, according to Eric Geiler, a company principal.
Geiler said the credit card numbers, which include his personal credit card, were stolen along with customer names, addresses and phone numbers.
Other victims included SalesGate.com, Feelgoodfalls.com, and Shoppingthailand.com.
The cracker, whose Web page was titled "Curador -- The Saint Of E-Commerce?," posted some 6,000 credit card numbers and claimed to have more than 23,000.
Curador exploited security holes in Microsoft software which some small firms admit they lack the manpower to fix, even though patches are available.
Investigators in Canada, Japan, Thailand, the U.K. and U.S. were pursuing the cracker.