Hacker pleads not guilty to stealing 160M credit cards

Dmitriy Smilianets was allegedly involved in the biggest hacking scheme ever prosecuted in the U.S., which cost Heartland, 7-Eleven, JetBlue, and others more than $300 million.

Dara Kerr Former senior reporter

Dara Kerr was a senior reporter for CNET covering the on-demand economy and tech culture. She grew up in Colorado, went to school in New York City and can never remember how to pronounce gif.

See full bio

Dara Kerr

Aug. 12, 2013 8:39 p.m. PT

2 min read

One of the five men accused of perpetrating the largest hacking scheme ever prosecuted in the U.S., which culminated with the theft of more than 160 million credit card numbers, pleaded not guilty on Monday, according to Reuters.

The charges levied against Dmitriy Smilianets, 29, include conspiracy to commit wire fraud, wire fraud, and unauthorized access to computers. If convicted, he could spend the next 65 years in prison.

Smilianets is originally from Russia but was extradited to the U.S. from the Netherlands last year. On Monday, he entered his not guilty plea in federal court in Newark, N.J. According to Reuters, his lawyer plans to fight the charges and look for irregularities around Smilianets' arrest in the Netherlands.

The massive breach that Smilianets was allegedly involved in including hacks into a handful of prominent companies, such as Heartland Payment Systems, 7-Eleven, JetBlue Airways, and J.C. Penny. The hack is said to have cost the companies a combined total of more than $300 million.

According to Reuters, Nasdaq was also breached, but this information wasn't released until last month when the feds accused the group of five of carrying out the massive hacking scheme. Prosecutors told Reuters the Nasdaq breach didn't include the stock trading platform and that the hackers weren't able to get any money from this specific breach.

The hacking group's cyberattacks began in 2005 and lasted at least until the summer of 2012, according to federal prosecutors. Of the five accused, one other accused hacker is in custody, while the three others are still considered on the run.

The group of hackers allegedly visited the stores of certain retailers to discover any holes in their payment systems. They were also allegedly able to install software on some of the company's computer systems, opening up a back door into the systems. They were said to have used computers around the world for storing malware and stolen data and launching attacks.

Once they allegedly obtained stolen credit card numbers, the hackers supposedly sold the numbers to others who then encoded the data onto magnetic stripes of blank cards. These blank cards could then be used to withdraw thousands of dollars from ATM machines.

The alleged mastermind behind one of the attacks, Albert Gonzalez, was caught and charged in 2008, and sentenced to 20 years in prison in 2009. According to Reuters, Smilianets allegedly worked with Gonzalez but once the mastermind was arrested, Smilianets broke off on his own and allegedly carried out more cyberattacks.