SEATTLE – A 21-year-old Dutch man, who was arrested and extradited from Romania, has been charged as part of a scheme to sell stolen credit card information via the Internet, including hundreds of cards issued BECU.
David Schrooten was scheduled to appear in U.S. District Court in Seattle yesterday on 14 counts of conspiracy, access device fraud, bank fraud, intentional damage to a computer and aggravated identity theft.
Schrooten, also known in the hacking community as “Fortezza,” was arrested in Romania in March and arrived in western Washington Saturday.
“This indictment alleges that in just one transaction he trafficked in as many as 44,000 stolen credit card numbers resulting in millions of dollars in losses to financial institutions,” said U.S. Attorney Jenny Durkan.
Prosecutors charge that Schrooten and Christopher A. Schroebel, 21, of Maryland, marketed stolen credit card numbers online. Schroebel is accused of hacking into the point of sale computer of a restaurant in Seattle’s Magnolia neighborhood and in a restaurant supply store in Shoreline, obtaining information on hundreds of BECU cards.
Prosecutors say Schroebel used malicious code to copy the personal information of credit card transactions at the point of sale terminals. The information allegedly was then sent to a server in Kansas controlled by Schroebel.
The Dept. of Justice says Schroebel stole at least 4,800 credit card numbers and security information across the country, then worked with Schrooten to build websites in order to sell the information to criminals.
Schroebel pleaded guilty last month and will be sentenced in August.