By Jennifer Sullivan, The Seattle Times –
SEATTLE — When angry customers started phoning his restaurant, accusing his waitstaff of overcharging them, Corino Bonjrada feared that in an already tough economy he could lose his business.
Bonjrada, who has owned Mondello in Seattle for the past seven years, pressed the callers for details. He learned that within 10 minutes of leaving his restaurant, diners were dinged with mysterious charges ranging from $70 to $90.
Bonjrada contacted a local computer-repair shop and learned that his restaurant had likely been targeted by sophisticated computer hackers.
Bonjrada called Seattle police.
On Monday, U.S. Attorney Jenny Durkan in Seattle credited Bonjrada with helping a multiagency team take down a Dutchman believed to be responsible for trafficking in nearly 45,000 stolen credit-card numbers, resulting in millions of dollars in losses. A large portion of those hacked cards came from Seattle, authorities said.
David Benjamin Schrooten, 21, was arrested in Romania in March. On Monday he appeared in U.S. District Court in Seattle, where details of his 14-count indictment were revealed. He pleaded not guilty.
Schrooten’s appearance in court comes about a month after an alleged co-conspirator, Christopher Schroebel, 21, pleaded guilty to computer-related crimes.
Authorities say that between last June 25 and March, Schrooten worked with Schroebel and others to carry out the credit-card hacking scheme.
Schroebel, who Seattle police say is a heroin addict who had been living in Maryland, is accused of stealing the credit-card information from Bonjrada’s restaurant.
Since Aug. 6, when Bonjrada contacted them, Seattle police have been investigating the theft of credit-card information from Mondello restaurant. Bonjrada provided police with the names of six customers who had complained about mysterious charges on their credit cards, according to the indictment in Schroebel’s case.
Victims told police that purchases were made at Home Depot, Walmart and other businesses in Southern California, the indictment said.
In December, Schrooten and others advertised the sale of more than 130 credit-card numbers belonging to Washington state residents, including eight cards from members of credit union BECU, according to the U.S. Attorney’s Office.
On March 15, Schrooten had “distributed, over the Internet, 289 unique credit card numbers that had been issued by BECU,” according to the indictment.
Robert Kierstead, who is the assistant special agent in charge of the Secret Service’s Electronic Crimes Task Force, called Schrooten “a very sophisticated criminal” who was caught after he “left the electronic equivalent of fingerprints” online.
Durkan called online credit-card hackers “cyber sewer rats” who scour the Internet for holes in businesses’ sales systems. Once they find a vulnerable system, they install software designed to infiltrate and damage computer systems.
Schrooten, whose charges include several types of fraud, intentional damage to a computer and aggravated identity theft, faces a potential 30-year prison sentence and $1 million fine if convicted of bank fraud alone, according to the U.S. Attorney’s Office.
Schroebel, who had initially been charged with 15 counts, pleaded guilty to five counts, including bank fraud, according to the U.S. Attorney’s Office. He is scheduled to be sentenced in U.S. District Court in Seattle on Aug. 10.
Bonjrada, on Monday, said that he agreed with Durkan’s assertion that his was now the “safest” restaurant to eat at in the city. He said that he would advise other small-business owners to also push hard against cybercriminals.
“Just do the same thing I did. Just call the police and try to stop it,” he said.