United States Attorney Jenny A. Durkan
Western District of Washington
Dutch Citizen Arrested And Extradited From Romania For Computer Hacking Conspiracy That Victimized Thousands Of Credit Card Customers
Seattle Area Businesses had their Point of Sale Computers Hacked, Information Stolen
A Dutch citizen who is prominent in the international computer hacking community will make his first court appearance in Seattle this afternoon on a 14 count indictment charging him with conspiracy, access device fraud, bank fraud, intentional damage to a computer, and aggravated identity theft, announced U.S. Attorney Jenny A. Durkan. DAVID BENJAMIN SCHROOTEN, 21, known in the online hacking community as “Fortezza,” was arrested on the indictment in Romania in March, and arrived in the Western District of Washington June 9, 2012. SCHROOTEN will appear at 2:30 today in front of Magistrate Judge Brian Tsuchida.
“This defendant has wrought havoc on victims and financial institutions around the world,” said U.S. Attorney Jenny A. Durkan who chairs the Attorney General’s Advisory Committee on Cybercrime and Intellectual Property Enforcement. “This indictment alleges that in just one transaction he trafficked in as many as 44,000 stolen credit card numbers resulting in millions of dollars in losses to financial institutions. Cybercriminals need to know: We will find you and prosecute you. I commend the cyber investigators at the U.S. Secret Service Electronic Crimes Task Force and Seattle Police Department for tracking down these international criminals.”
SCHROOTEN and co-conspirator CHRISTOPHER A. SCHROEBEL, 21, of Keedysville, Maryland marketed stolen credit card numbers via internet sites. SCHROEBEL hacked into the computers of two Seattle area businesses and stole credit card information. According to the indictments, SCHROEBEL hacked into the point of sale computer in a restaurant in the Magnolia neighborhood of Seattle, and a restaurant supply store in Shoreline, Washington. SCHROEBEL inserted malicious code onto the victim’s computers that copied the personal information of the credit card transactions at the point of sale terminals. The malicious code transmitted the information to a Kansas server controlled by SCHROEBEL. Across the country, SCHROEBEL stole at least 4800 credit card numbers and security information. SCHROEBEL conspired and worked with SCHROOTEN to build “carding websites,” in order to make the stolen credit card numbers available to criminals for fraud. The indictments describe the victimization of four Western Washington residents who had their information stolen and used to commit bank fraud.
Credit card fraud costs financial institutions $40 billion annually. In the Western District of Washington more than 180,000 stolen credit card numbers have been identified in recent cyber cases.
“Last fall, a single business in Magnolia experienced a serious loss – they immediately notified the Seattle Police Department. SPD detectives on loan to the Electronic Crimes Task Force quickly matched this case with other patterns and connected the dots to an international criminal enterprise,” said Assistant Seattle Police Chief Jim Pugel. “Solving this case would not have been possible without the assistance and cooperation of our partners in the Secret Service and the Romanian National Police.”
“The successful arrest and extradition of David Benjamin Schrooten underscores the Secret Service and DHS's commitment to pursuing cybercriminals-both domestic and foreign. This case is a great example of the Secret Service's Electronic Crimes Task Force Program in action,” said Special Agent In Charge Jim Helminski, USSS Seattle Field Office. “The apprehension of Schrooten was the result of a collaborative effort between the U.S. Attorney's Office for the Western District of Washington, the Secret Service, and the Seattle Police Department.”
SCHROEBEL was arrested in November 2011, and pleaded guilty last month. He is scheduled to be sentenced by U.S. District Judge Ricardo S. Martinez on August 10, 2012.
SCHROOTEN will have a trial date set at the hearing this afternoon. The charges contained in the indictment are only allegations. A person is presumed innocent unless and until he or she is proven guilty beyond a reasonable doubt in a court of law.
Bank fraud is punishable by up to 30 years in prison and a $1 million fine. Access device fraud and damaging a protected computer are punishable by up to ten years in prison and a $250,000 fine. Conspiracy is punishable by five years in prison and a $250,000 fine. Aggravated identity theft is punishable by a mandatory consecutive two year prison term.
The case is being investigated by the U.S. Secret Service Electronic Crimes Task Force and Seattle Police Department as part of the Task Force. The U.S. Marshals Service assisted with extraditing SCHROOTEN from Romania. The case is being prosecuted by Assistant United States Attorney Kathryn Warma.