Federal Reserve's Computers Hacked by Indicted Malaysian Man, U.S. Says

The Federal Reserve’s computers were hacked by a Malaysian man who was arrested in a credit card scheme, according to prosecutors in the office of U.S. Attorney Loretta Lynch in Brooklyn, New York.

The computer network of the Federal Reserve Bank of Cleveland was hacked in June, resulting in thousands of dollars of damage, affecting 10 or more computers, according to court papers.

No Federal Reserve data or information was accessed or compromised, according to June Gates, a spokeswoman for the central bank. “The incident involved a test computer at the Federal Reserve Bank of Cleveland,” Gates said today in a phone interview. The computer system is used for testing and is “not in any way connected to our live production system,” she said

A federal grand jury returned a four-count indictment today against Lin Mun Poo for hacking into the central bank’s computers and for possessing more than 400,000 stolen credit and debit card numbers, according to a statement by Lynch. Poo has made a career of compromising computer servers of financial institutions, defense contractors and corporations to sell or trade on the information, Lynch said.

Poo, 32, was arrested shortly after his Oct. 21 arrival in the U.S., when he sold 30 active credit or debit card numbers to an undercover agent for $1,000. He has been in custody since his arrest.

Kannan Sundaram, Poo’s lawyer at Federal Defenders of New York in Brooklyn, couldn’t immediately be reached for comment.

Credit Union Access

Poo was able to gain access to data of several federal credit unions, including the Firemen’s Association of the State of New York, by hacking into Fairfax, Virginia-based FedComp Inc., a data processor for credit unions.

A message left on FedComp’s general voice-mail and an e-mail to the firemen’s association weren’t immediately returned.

When he was arrested, Poo had a “heavily encrypted laptop computer” that had “a massive quantity of stolen financial account data and personal identifying information,” according to court papers.

He’s also charged with hacking into a defense contractor’s system.

“Cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors,” Lynch said in her statement.

The case is U.S. v. Poo, 10-cr-891, U.S. District Court, Eastern District of New York (Brooklyn).

To contact the reporter on this story: Thom Weidlich in Brooklyn, New York, at tweidlich@bloomberg.net.

To contact the editor responsible for this story: David E. Rovella at drovella@bloomberg.net.

Press spacebar to pause and continue. Press esc to stop.

Bloomberg reserves the right to remove comments but is under no obligation to do so, or to explain individual moderation decisions.

Please enable JavaScript to view the comments powered by Disqus.