Inside largest computer hacking scheme in history

Five men are charge with stealing more than 160 million credit and debit card numbers in the largest bust of a hacking ring in U.S. history, officials say. The thefts cost victims more than $300 million in losses. CBS News senior correspondent John Miller, a former FBI assistant director, discusses the case.

(CBS News) Federal officials have announced the biggest bust of a hacking ring in U.S. history. Five men are charged with stealing more than 160 million credit and debit card numbers.

5 arrests in alleged hacking operation involving at least 160M credit, debit cards

"It may be the biggest hacking plot ever uncovered," senior correspondent for CBS News and former FBI assistant director John Miller told "CBS This Morning." "

The hackers, one Ukrainian and four Russians, are responsible for more than $300 million in losses since 2005, facilitating "debit card dumps." Their schemes affected more than a dozen major retailers like J.C. Penney, Heartland Payment Systems, JetBlue Airways and NASDAQ, the Washington Post reported.

The defendants were identified as Vladimir Drinkman, 32, of Syktyvkar, Russia, and Moscow; Aleksander Kalinin, 26, of St. Petersburg, Russia; Roman Kotov, 32, of Moscow; Dmitriy Smilianets, 29, of Moscow; and Mikhail Rytikov, 26, of Odessa, Ukraine.

"These are basically kids from the start," Miller said. "They are in their early twenties. One of them was a championship gamer who traveled from city to city, winning video game championships and things like that, but I guess the prize money wasn't enough or the excitement. They put those skills to work hacking."

In a "debit card dump," the hackers sold payment card numbers to resellers. Resellers sold the numbers to online "cashers," who encoded them onto blank payment cards. Then, the new cards were used to purchase goods or withdraw money. The ring earned about $10 for every American card, $15 for every Canadian card, and $50 for every European card, according to the indictment.

Miller said that the hackers reached companies' servers through their main frames, obtained administrative rights, and started to "suck out big blocks of information, and then sell that."

While technological defenses exist, tracking these types of hackers is what Miller calls a "game of cat-and-mouse." "Every security layer they put on this...the hackers go back and say, 'How do we defeat that?'"

Miller added, "When you look at a hit like this...the good news is it wasn't passed on to the consumer, the bad news is, it always is because companies have to make up that loss somewhere."

For more on the bust, watch John Miller's full analysis above.