A Malaysian has been hit with federal charges for hacking financial institutions and possessing thousands of stolen credit card numbers.
A Malaysian man was charged today by a federal grand jury with hacking into
a Federal Reserve Bank computer network and possessing more than 400,000 credit
and debit card numbers.
Lin Mun Poo, 32, was arrested shortly after his arrival in the United
States Oct. 21 and has been in custody
since then, according to the U.S. Attorney's Office for the Eastern District of
New York. According to the government's pleadings and a detention letter filed
today, Poo targeted not just financial institutions, but also major
corporations and a defense contractor.
"As today's technology continues to evolve, cybercriminals use these
advances and enhancements to perpetrate an expanding range of crimes,"
said Secret Service Special Agent in Charge Brian Parr, in a statement. "These
crimes not only affect our nation's financial infrastructure, but are also an
ongoing threat to our national security."
According to authorities, Poo traveled to the United
States Oct. 21 to obtain additional stolen
financial information from other hackers to sell for his own profit. When he
was arrested after arriving at John F.
Airport, Secret Service agents
seized his laptop computer-which authorities described as "heavily
encrypted." The laptop contained a large amount of financial account
data and personal identifying information Poo obtained by hacking into
various computer systems, authorities said.
Among his reputed victims was FedComp, a data processor for federal
credit unions. According to authorities, he was also able to gain unauthorized
access to the data of various federal credit unions, including the Firemen's
Association of the State of New York
and the Mercer County New Jersey Teachers. He is also accused of
compromising the computer servers of major financial institutions and
companies, including the Federal Reserve Bank of Cleveland,
In addition, Poo is accused of hacking into a computer
system belonging to a Department of Defense contractor that provides
systems management for military transport and other military operations.
"The 400,000 credit cards stolen is likely only the tip of the iceberg,
but even at that it represents [tens] of millions of dollars in potential
fraud," noted Michael Maloof, CTO of
TriGeo Network Security.
If convicted of the most serious offenses, Poo faces a maximum sentence of 10
years in prison.