Security Incidents: Re: Stolen Card Purchases

["Jonathan A. Zdziarski" <jonathan () networkdweebs com>]

Hi,

Thanks for all the emails I received.  Just to make a few points of
clarification in regards to our specific situation...

- The credit cards being used were not stolen on the Internet, as not
all of the cardholders involved in these related incidents had made
purchases on the Internet.

- The person or persons using these stolen cards had all the correct
information (such as address and even phone number, which is how we were
able to contact each cardholder).

- We traced at least one of these incidents back through some proxies to
a residential DSL line in the US, and I'm sure the Internet provider
could furnish whomever [under subpoena] with name and address.

I'm going to contact a few of the people who emailed me, but it sounds
like from the other half of the emails I received, very few law
enforcement agencies are interested in making arrests these days.  If
this is the case, I'm wondering what reporting this to the media would
do.  A story about how the government lets theifs run free sounds like
it'd be enough to get some government organizations to shape up.






----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com