Customs and border protection officials apprehended a Mexican couple at the international border in McAllen, Texas, and turned them over to authorities investigating the breach into Target Corporation's (NYSE:TGT) systems and the theft of customer data at the retail giant over the holiday season, media reports said on Monday.
According to McAllen Police Chief Victor Rodriguez, Mary Carmen Garcia, 27, and Daniel Guardiola Dominguez, 28, were arrested at the border with 96 fraudulent credit cards, Associated Press reported. Rodriguez said Garcia and Guardiola, both of Monterrey, Mexico, had used the cards to buy goods worth tens of thousands of dollars at retail chains such as Best Buy (NYSE:BBY), Wal-Mart (NYSE:WMT) and Toys R Us.
Garcia and Dominguez were arrested Sunday morning at the Anzalduas International Bridge as they tried to re-enter the U.S. at the border, AP reported, adding that according to an anonymous federal official, the arrests were not connected to the Target data theft. The two are believed to have purchased credit-card information from overseas hackers and Rodriguez spoke of a link with Eastern Europe or Russia without providing more details, according to AP.
The couple, who were being held Monday on state fraud charges, is believed to be part of a larger criminal conspiracy and could eventually face federal charges, according to Rodriguez. The arrest, which was triggered by bulk purchases made by the couple over the weekend of Jan. 12, was made possible with help from the Secret Service who assisted police detectives connect the account numbers to those stolen during the breach at Target.
Minneapolis-based Target reported last month that credit and debit card accounts of nearly 40 million customers were illegally accessed by hackers between Nov. 27 and Dec. 15, the Los Angeles Times reported, adding that the cybercriminals also may have gathered names, and the home and email addresses, of as many as 70 million in-store and online shoppers.
"It's not that we find criminals like this through cyber-forensics. We get them in the real world when they do something stupid," Bruce Schneier, chief technology officer at cybersecurity firm Co3 Systems, told the LA Times. "It's invariably how it works: Getting credit cards is easy. Turning it into cash is hard."