TJ Maxx hacker jailed for 30 years in Turkey

TJ Maxx hacker jailed for 30 years in Turkey

TJ MaxxCorrection: In an earlier version of this blog entry I said the wardriving gang were charged in May 2005. In fact it was August 2008. Thanks to eagle-eyed blog reader Warwick for spotting my mistake.

Was it worth the risk? That’s the question a computer hacker from the Ukraine has plenty of time to ponder today, as a Turkish court slammed him with a 30 year prison sentence.

Maksym Yastremskiy, also known as “Maksik”, sold hundreds of thousands of credit card numbers and other personal information, and was one of the gang charged in August 2008 with stealing customer information from a number of companies in a major “war-driving” wi-fi attack.

Companies who had their data compromised included OfficeMax, Barnes & Noble, Boston Market, Sports Authority, Forever 21, DSW, BJ’s Wholesale Club and TJX, which operates retail stores T.J. Maxx (known as TK Maxx in the UK) and Marshall’s. Some of the companies were encrypting their credit card transmissions, but using the weaker WEP technology which made it easy for hackers to crack.

Stolen credit card details were then shared with other members of the hacking gang around the world, including in Eastern Europe.

Statement on TJX website

Authorities alleged that the 25-year-old Ukrainian was responsible for losses totalling tens of millions of dollars worldwide through his criminal activities, but he was ultimately convicted for hacking into a number of Turkish banks.

The authorities should be congratulated for bringing another hacker to justice, and it will be interesting to see what else emerges from this ongoing case involving other suspects in the TJ Maxx case around the world.

Yastremskiy was arrested by authorities in July 2007, as he attended a nightclub in the beach resort of Kemer, Turkey after a secret service operation. One presumes he won’t be spending any nights out for a while.

Thirty years is, of course, a very severe prison sentence for anyone to receive, and one that should give some people reason to reflect. In fact, I don’t think I can recall ever hearing of a cybercriminal receiving such a severe sentence.

Now, it’s quite possible that there are people reading this blog entry who are engaged in cybercrime. If that’s you – than here’s a message as simple as I can think to put it.

Stop now. The rewards for cybercrime can sometimes be large, but you are at risk of ruining the rest of your life – and causing years of misery for your family and friends.

You may think your chances of being caught are small, but there are more and more convictions happening all the time, and the authorities are getting better than ever at co-operating at an international level to catch people like you.