I’ve complained a lot (too much, some might argue) about how we’re often not told how or where ID thieves or criminals obtained identity information used in their crimes. Here’s a news story from the BBC that also omits information about how the defendants obtained or stole credit card details:
A man has admitted being involved in a £500,000 fraud in which he used stolen credit card details to buy his own songs on iTunes and Amazon.
Lamar Johnson, 19, from Wolverhampton, was part of a group accused of obtaining royalties from the sales.
They allegedly downloaded the songs 6,000 times in 2008 and 2009. Johnson admitted being responsible for about 2,000, Southwark Crown Court heard.
He was remanded in custody after sentencing was adjourned.
Prosecuting, Helen Malcolm QC, said Johnson, of Stowheath Lane, used “compromised credit card details” in order to gain royalties from the sales of the songs he posted on the websites.
[…]
We often talk about what the elements of a mandatory breach disclosure notice should be. I’d like to see mandatory disclosure of certain details from prosecutors unless it would compromise an ongoing investigation.