Russian hacker behind massive data breach pleads guilty

Vladimir Drinkman has pled guilty and admitted his involvement in what the Justice Department calls "the largest such scheme ever prosecuted in the United States." He and the four other defendants in the case are accused of breaking into corporate computers -- including those owned by NASDAQ, 7-Eleven, JCP, JetBlue, Dow Jones, Visa Jordan, Diners Singapore and Ingenicard -- and stealing over 160 million credit card numbers from as far back as 2003. The hack ultimately caused losses amounting to $300 million, not including the damage caused to people whose identities have been stolen. Drinkman was caught during a trip to Amsterdam in 2012 and was sent to the United States to stand trial. He originally pled not guilty earlier this year but has obviously changed his tune in front of Chief Judge Jerome Simandle in a New Jersey district court.

According to the Department of Justice, the hacker group would monitor the victims' computer systems for months and then use the SQL database vulnerabilities they spot to infiltrate their networks. In most cases, they'd even leave a back door open in case they need to get into the network again later on. They would then use the security hole to slip in "sniffers," malware that collect and pilfer customer data, such as SS numbers and other identifying info in addition to credit card details, from the computers. Finally, they'd save those details to computers around the globe and then sell them to shady online entrepreneurs who then sell them on forums, in turn.

Drinkman and his colleagues were reportedly very careful and talked through encrypted channels to avoid detection during the course of the hacks, even using security software to add a layer of protection. They also altered the victims' network settings to prevent the computers from logging their actions. Those measures obviously failed Drinkman, though, and he now faces up to 30 years in prison. He might get a lesser term for pleading guilty, but we won't know for sure until he's sentenced on January 15th, 2016.

[Image credit: AFP/Getty Images]