DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Three Members Of New York Cell Of International Cybercrime Organization Sentenced For Roles In $45 Million Cyberattack

Posted on December 2, 2014 by Dissent

On November 25 in federal court in Brooklyn, New York, Elvis Rafael Rodriguez, age 25 of Yonkers, was sentenced to 34 months’ imprisonment for his participation in an international cybercrime organization responsible for two cyberattacks that inflicted $45 million in losses on the global financial system in a matter of hours. Two of Rodriguez’s co-defendants were previously sentenced for their roles in the conspiracy — on October 27, 2014, Evan Peña, age 37 of Yonkers, was sentenced to 22 months’ incarceration, and on October 24, 2014, Saul Genao, age 25 of Yonkers, was sentenced to 15 months’ incarceration. Rodriguez, Peña and Genao were also ordered to pay $2,782,597 in restitution and $2,400,000 in forfeiture. Rodriguez, Peña, Genao and their 10 co-defendants pled guilty to charges stemming from their participation in the scheme.

The sentences were announced by Loretta E. Lynch, United States Attorney for the Eastern District of New York, and Robert J. Sica, Special Agent in Charge, United States Secret Service, New York Field Office.

“The defendants and their co-conspirators participated in a massive 21st century bank heist of unprecedented scale and scope using debit cards and the Internet rather than guns and masks. While the technical intrusion was highly sophisticated and the teams of cashers highly organized, law enforcement moved with even greater expertise to solve the cybercrime and bring the perpetrators to justice,” stated United States Attorney Lynch.

Secret Service Special Agent in Charge Sica stated, “Secret Service agents utilize state-of-the-art investigative techniques to identify and pursue cyber criminals around the world. This scheme involved multiple network intrusions and data thefts for illicit financial gain. Our success in this case and other similar investigations is a result of the extraordinary work of our investigators and our close work with our network of law enforcement partners.”

Rodriguez and his co-defendants were members of the New York-based cell of an international cybercrime organization that used sophisticated intrusion techniques to hack into the systems of global financial institutions, steal prepaid debit card data and eliminate withdrawal limits. The stolen card data was then instantly disseminated worldwide and used to make fraudulent ATM withdrawals on a massive scale. The defendants acted as “cashers,” who together with co-conspirators, withdrew almost $2.8 million in cash from ATMs in New York City in a matter of hours. Rodriguez and various co-defendants also laundered the proceeds of the crime by, among other things, making large cash deposits and transporting suitcases containing hundreds of thousands of dollars in cash to co-conspirators in Florida and Romania.

The cyberattacks employed by the defendants and co-conspirators are known in the cyber underworld as “Unlimited Operations” and rely upon both highly sophisticated hackers as well as organized criminal cells whose role is to withdraw the cash as quickly as possible and then launder the proceeds and repay the organizers. The defendants and co-conspirators conducted two Unlimited Operations: the first occurred on December 22, 2012 and resulted in approximately $5 million in losses worldwide. In the New York City area, over the course of just two hours and 25 minutes, the defendants and co-conspirators withdrew approximately $400,000 in fraudulent ATM withdrawals. The second Unlimited Operation occurred on February 19-20, 2013 and resulted in nearly $40 million in losses worldwide; the defendants and their co-conspirators withdrew approximately $2.4 million in the New York City area.

Ms. Lynch thanked MasterCard, RAKBANK and the Bank of Muscat for their cooperation with this investigation and expressed her gratitude for the timely and extensive assistance of U.S. Immigration and Customs Enforcement (ICE), Homeland Security Investigations (HSI), New York; law enforcement authorities in Japan, Canada, Germany and Romania; and authorities in the United Arab Emirates, Dominican Republic, Mexico, Italy, Spain, Belgium, France, United Kingdom, Latvia, Estonia, Thailand and Malaysia.

The government’s case is being prosecuted by Assistant United States Attorneys Hilary Jager, Brian Morris, Doug Pravda and Richard Tucker.

SOURCE: U.S. Attorney’s Office, Eastern District of New York

Additional background can be found in this May 2013 press release on their indictment and this November 2013 coverage by Kim Zetter.

Related posts:

  • Hacker Pleads Guilty to Infiltrating VOIP Networks And Reselling Services for Profit
  • Computer Hacker Fugitive Extradited for Cybercrimes Relating to VOIP Telephone Services
  • Russian hackers involved in largest hacking scheme ever prosecuted in U.S. sentenced
  • Four Russian Government Employees Charged in Two Historical Hacking Campaigns Targeting Critical Infrastructure Worldwide
Category: Financial SectorHack

Post navigation

← Over $1.7 Trillion Lost Per Year from Data Loss and Downtime According to Global IT Study
New Hampshire Employment Security mailing gaffe discloses 2,700 benefits recipients’ info →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.