By

This month, a Dutch citizen will make a court appearance in Seattle related to a 14 count indictment in relation to a global computer hacking conspiracy that resulted in the stolen information of thousands of credit card holders.

The search for the hacker led to Romania, where authorities found David Benjamin Schrooten, 21, an active member of the online hacking community who went by the handle "Fortezza." The United States Attorney's Office in the Western District of Washington tracked down Schrooten and arrested him in Romania in March.

The indictment charges Schrooten with conspiracy, access device fraud, bank fraud, intentional damage to a computer and aggravated identity theft.

"This defendant has wrought havoc on victims and financial institutions around the world," said U.S. Attorney Jenny A. Durkan in a statement. Durkan chairs the Attorney General's Advisory Committee on Cybercrime and Intellectual Property Enforcement. "This indictment alleges that in just one transaction he trafficked in as many as 44,000 stolen credit card numbers resulting in millions of dollars in losses to financial institutions. Cybercriminals need to know: We will find you and prosecute you."

The U.S. Attorney's Office alleges that Schrooten did not manage this hacking activity alone. Schrooten conspired with Christopher A. Schroebel, 21, of Keedysville, Maryland to steal credit card numbers and sell them through various Internet sites.

The indictments state that Schroebel hacked into computers at two different businesses in Seattle: a restaurant in the Magnolia neighborhood of Seattle and a restaurant supply store in Shoreline, Washington. In each instance, Schroebel put malicious code onto the businesses' computers that would attack the point of sale operations, copying personal credit card information whenever a credit card transaction was made and sending it to a server in Kansas that Schroebel controlled. Through this scheme, Schroebel managed to steal at least 4,800 credit card numbers and security information.

After taking the information, Schrooten and Schroebel created "carding websites," which are places where criminals can purchase stolen credit card numbers and commit fraud with them.

The U.S. Attorney's Office worked with the Seattle Police Department and the U.S. Secret Service Electronic Crimes Task Forces (ECTF) to nab the criminals. The ECTF, created in 1995, partners with many agencies to combat cyber crime and attacks on computers and other chip devices.

"Last fall, a single business in Magnolia experienced a serious loss -- they immediately notified the Seattle Police Department. SPD detectives on loan to the Electronic Crimes Task Force quickly matched this case with other patterns and connected the dots to an international criminal enterprise," said Assistant Seattle Police Chief Jim Pugel in a statement. The Seattle Police Department worked with the Secret Service and the Romanian National Police to find the criminals.

"The successful arrest and extradition of David Benjamin Schrooten underscores the Secret Service and DHS's commitment to pursuing cybercriminal-both domestic and foreign. This case is a great example of the Secret Service's Electronic Crimes Task Force Program in action," said Special Agent In Charge Jim Helminski, USSS Seattle Field Office in a statement.

After being arrested last November, Schroebel eventually pled guilty in May 2012 and will be sentenced this coming August.

Schrooten has pled not guilty to the allegations set forth in the indictment. He will go back to court in August.

If found guilty, Schrooten could be in for a lengthy prison sentence. The crime of bank fraud can net up to 30 years in prison and a $1 million fine. Access device fraud and damaging a protected computer can be punished with up to ten years in prison and a $250,000 fine. Conspiracy can receive up to five years in prison and a $250,000 fine. Aggravated identity theft can receive a mandatory consecutive two-year prison sentence.

Consumers who fear their information has been breached due to a hacking incident should be careful of phishing attacks and other similar e-mail scams, make sure their personal computers don't contain any viruses, review their financial statements for unexpected charges and monitor their credit reports.