Photo: Getty

Did you have your credit card info stolen from Chili’s, Arby’s, or Chipotle recently? Well, the Department of Justice claims they have some of the perpetrators in custody. Three men are accused of being members a high-profile hacking group responsible for the theft of millions of credit card numbers from more than 100 companies.

The men are all Ukrainian nationals and each was arrested in a different country‚ÄĒGermany, Poland, and Spain. According to the DOJ, they are believed to be members of a hacking group known as FIN7, which is said to have dozens of members and isn‚Äôt believed to be tied to any particular government. The men, identified as Dmytro Fedorov, Fedir Hladyr, and Andrii Kolpakov have been indicted on a total of 26 charges including conspiracy, wire fraud, and computer hacking.


Along with the indictments, the DOJ released an outline of how the group carried out its attacks. It’s a pretty standard phishing scam with an email sent to an employee at a company, which was often accompanied by a phone call to make the email seem more legitimate. When a target clicked on a malicious link, malware would be installed on their system. The hackers would then hoover up credit card numbers and sell them on the dark web. In total, the group is said to have obtained over 15 million credit card records from more than 6,500 point-of-sale terminals.

Other victims included the Red Robin and Jason‚Äôs Deli franchises as well as several casinos and hotels. The DOJ says that the group used a front company called Combi Security ‚Äúto provide a guise of legitimacy and to recruit hackers to join the criminal enterprise.‚ÄĚ The company‚Äôs now-deleted website allegedly listed some of the group‚Äôs victims as past clients.

In March, a man believed to be FIN7's leader‚ÄĒhe‚Äôs only identified as Denis K‚ÄĒwas taken into custody by Europol. Other members are still believed to be at large but, the DOJ said, ‚Äúthe naming of these FIN7 leaders marks a major step towards dismantling this sophisticated criminal enterprise.‚ÄĚ


[Department of Justice via CNN]