In July 2005, “reformed” hacker Albert Gonzalez noticed an insecure wireless network at a Marshalls department store in Miami. After exploiting the vulnerability, Gonzalez and his accomplices installed programs that captured credit card numbers. They stored the credit card numbers on servers in Latvia and Ukraine, created ATM cards using some of the numbers, and used those cards to withdraw hundreds of thousands of dollars in cash. Fifteen months later, Marshalls’ parent company, TJX, announced that forty-five million of its customers’ credit card numbers had been exposed to the thieves.
“Medical” Monitoring for Non-Medical Harms: Evaluating the Reasonable Necessity of Measures to Avoid Identity Fraud After a Data Breach,
Rich. J.L. & Tech
Available at: http://scholarship.richmond.edu/jolt/vol16/iss1/3