The personal records of thousands of U.K. consumers have turned up on a computer recovered from criminals in the U.S.
London’s Metropolitan Police Computer Crime Unit reported that 83,000 email addresses, credit card numbers and online transaction files had been discovered on the PC during an unspecified operation by U.S. authorities.
The files are believed to have been stolen from around 2,300 computers using some sort of backdoor Trojan infection able to log passwords. U.K. police are now busy contacting the people involved, as well as their banks and ISPs where appropriate.
Police have yet to reveal which piece of malware was involved nor how far back in time the theft might have occurred. Likewise, the identity of the U.K. bank or banks involved has yet to be made public.
“The information has been harvested from the computers by a type of malicious code known as a Backdoor. However, there are thousands of computer users worldwide who have had their computers compromised and data stolen,” said a spokesman for Scotland Yard.
“This immediate response by the Met’s Computer Crime Unit to notify victims, ISPs and Banks as well as alerting our foreign law enforcement partners demonstrates the Unit’s commitment to disrupt the activities of criminals who engage in this activity.”
That a single PC can be found to contain personal information from such a large number of people is further evidence that Internet crime is still low-risk and effective. Meanwhile, unlike consumers in many U.S. states, U.K. victims have no automatic right to know when their data has been compromised.
That this event came to light at all is entirely down to the decision by U.K. police to contact them.
Information on thefts of any kind from U.K. banks is still rare, one of the notable exceptions being the failed attempt to steal