Criminals steal credit card data just by wardriving

Anime doll holding VISA card
A federal grand jury in Boston has charged eleven people with the theft of more than 41 million credit and debit card numbers from retail stores. What makes this case interesting is that, although the defendants stole the data from retail establishments, they did so without ever having to leave their cars; they stole the numbers while wardriving. While the report doesn’t make it clear whether the targeted networks used weak encryption or were simply unsecured, it’s obvious that the security of your data is still not a top priority for many companies.

[photo: Mujitra]


  1. BigD145 says:

    Impressive. 41 million is quite a large number even considering that the average number of cards per person in the US is 10.

  2. Alexander says:

    omg…where can i get a 404 girl?

  3. matt says:

    Here is a Wall street journal article from last year, with a bit more info on how the hackers broke into TJ maxx’s network. The short version is don’t use WEP! Also good ideas are don’t store sensitive data any longer than you need to and don’t transmit sensitive date without encrypting it first.

  4. barry99705 says:

    WARDRIVERS DON”T CONNECT!!!!!!!!!! This has abso-fucking nothing to do with wardriving!

  5. tricky says:

    as of this post, the majority of this thread is dedicated to everyone’s favorite 404 girl. go yotsuba!

  6. strider_mt2k says:

    That pic is great!

  7. Joe says:


  8. Joe says:

    If said criminals are stealing credit card data than they are connecting to the wireless networks and thus NOT wardriving. Get your fucking shit right. Wardriving is PASSIVE scanning for WiFi equipment – wardriving never involves connecting to an access point. Wardriving is a perfectly legitimate activity with real uses. Wardrivers tend to get a bad name because of people like you who just reprint stuff that they find on other people’s site like it is fact without knowing anything about it.
    That being said, here’s an idea for a new guideline for the HAD staff: If you don’t know anything about it, don’t post it. Leave it for someone who does, or at least consult them as to the accuracy of the item.

  9. goggle says:

    No argument here: WEP is weak.

    However, wardriving DOES NOT involve connecting to networks that don’t belong to you. You drive, you catch packets, you log a GPS location, and you move on.

    These guys BROKE INTO A NETWORK. They may have found the access point via wardriving, but anything beyond that is a knowing and willing criminal act.

    Confusing wardriving with criminal activity is such a shame.

  10. Constantine says:

    i can see why driving could find the access points with a good antenna. but once these guys decide to start trapping packets, they have to park somewhere… or drive around in circles at the cost of a lot of gas, no?
    and if they park, don’t you think it’s pretty suspicious with a directional antenna visible from the outside of the car? all it takes is one phone call…

  11. caligula says:

    This is directed to “joe”

    Most people believe that war-driving is NOT illegal but it has never been tested in the courts. If a court case came up, and the plaintiff had enough money to hire a smart lawyer, he could probably convince the judge/jury just by implicating the word “war” in “war-driving”. You really need to use your brain a little more on this instead of flaming people you know nothing about.

    Moreover, the only reference to illegal activity I’ve read is “connecting without the owner’s consent”. But how do you differentiate between wardriving and packet capture with a passive sniffer, for example? You are not “connecting” to the network”… just trapping loose packets flying by you. The truth is, the authorities don’t really understand computers. it’s just that and all your inane post does is make excuses for their stupidity.

  12. Card Comparison says:

    The “war” in war-driving really gives it away. they stole the numbers while wardriving NOT by war driving. I guess it is a little like tresspass.

    Brian White

  13. The “war” in war-driving really gives it away. they stole the numbers while wardriving NOT by war driving. I guess it is a little like tresspass.

    Brian White

  14. geppo says:

    in italy every day a hundred a card was cloned by bluetooth pos. a guy go in restaurant with a nokia n73 with a good software and sniff chip data and pin or magstripdata and pin.have in car a msr 206 and instantly duplicate a card and go on atm and take a a shit people but camorra is this….

  15. Amazing how many credit card numbers they get… Scary to think when someone organizes the bad guys to actually do something with all those account numbers.

  16. After see this i just say this SUPERB

  17. credit says:

    wow over 41 million CC numbers! How did they get caught?

  18. would like to know exactly what wardriving is..but interesting article nontheless.

  19. Pamantha says:

    Always good quality info from this site!

  20. May says:

    Wow! what an idea ! What a concept ! Beautiful .. Amazing

  21. Its really a very mind blowing news…………..its really very interesting..I just can’t imagine that a Credit Card can be stolen simply by war driving…..

  22. THats kind of scary…. I guess im kind of glad I still have a low credit limit.

  23. Tamara says:

    Don’t you get paid in cash at fast food places?

  24. Jonathan says:

    Very superb and the large number. good work man.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


Get every new post delivered to your Inbox.

Join 96,434 other followers