A Russian man accused of hacking point-of-sale systems in the U.S. is facing additional charges following a revised indictment returned by a grand jury on Thursday, the U.S. Department of Justice said.
Roman Valeryevich Seleznev was arrested at an airport in the Maldives in July by U.S. Secret Service agents and then flown to Guam, according to an Associated Press report. He is reportedly the son of a Russian lawmaker, Valery Seleznev.
Seleznev was first indicted in 2011, with prosecutors alleging he was part of a group that installed malicious software on point-of-sale systems of many restaurants in 11 states and even the Phoenix Zoo in Arizona.
He and the gang are alleged to have made millions of dollars through the sale of more than 2 million credit card numbers. The attacks caused millions of dollars in damages to merchants and banks, the superseding indictment reads.
Retailers have been struggling with cyberattacks on their payment systems, which target card data stored in a computer’s volatile memory, where it briefly sits unencrypted. Home Depot and Target have reported record-breaking data breaches that have caused the industry to take a long look at how card data can be better protected.
The superseding indictment against Seleznev adds 11 counts of wire fraud. He is also charged with nine counts of obtaining information from a protected computer, nine counts of possession of 15 or more unauthorized access devices, and two counts of aggravated identity theft.
Seleznev will be arraigned next week. His trial is scheduled to begin Nov. 3 in U.S. District Court for the Western District of Washington.
He is accused of collecting credit card numbers through malware and making the data available for sale on many websites, including “2Pac.cc,” which was still online as of Friday morning. The websites advertised “dumps,” or batches of freshly stolen card data, with a service to verify the validity of the cards, prosecutors allege.