Hacker of Business Kiosks Steals Credit Card Information

A man from Lomita who faces federal charges of committing breaches into hotels' business kiosks and engaging in theft of credit card details pleaded guilty on December 18, 2007.

28-year old Hario Tandiwidjojo admitted to have unlawfully accessed a protected personal computer to conduct identity fraud. During a plea agreement at the United States District Court, Tandiwidjojo pleaded guilty of hacking nearly 60 computers placed on business kiosks that Showcase Business Centers, Inc. (SBC) operated.

Tandiwidjojo got around four password-authentication checks that SBC established on their systems. He used passwords that were obtained when he was working for a firm that was in charge of operating the kiosks. After compromising the computers, Tandiwidjojo executed malicious software on the systems that helped him to access data like credit card details belonging to customers who availed the services of the kiosks.

Tandiwidjojo has been sentenced to federal jail for up to 5 years and to another penalty of $250,000. However, federal prosecutors recommended a sentence of at most 10 months in lieu of pleading guilty. Tandiwidjojo is scheduled for hearing his sentence on March 3, 2008.

According to documents in court, in February, Tandiwidjojo's activities resulted in losses of $34,266 and theft of at least 300 credit cards in only three days.

The investigation started in April 2007 when a person representing Shuttlepoint, another business kiosk operator, reported to the FBI an incidence of tampering of a couple of kiosks he ran.

When FBI officials raided Tandiwidjojo's home in August 2007, they found a credit card writing instrument with which he embedded fake information on credit cards, a terminal for credit cards to process transactions, a number of gift cards and bank cards, and a driving license valid in California with Tandiwidjojo's photograph but a different name.

The plea agreement of December 18, 2007 is the most recent example of how a former computer consultant admitted applying his technical knowledge to commit a serious crime. In a similar case in November 2007, John Schiefer pleaded guilty of using large-sized botnets to run malware on 250,000 computers to intercept online banking details of their users.

Related article: Hacker & Virus in MySpace

» SPAMfighter News - 1/1/2008