Hackers from Russia and the Ukraine are penetrating credit card databases connected to e-commerce Web sites. The FBI’s National Infrastructure Protection Center said last week that more than 40 businesses located in 20 states have been victims of organized hacker activities specifically targeting U.S. computer systems containing personal credit card data. The FBI investigations thus far have disclosed several organized hacker groups from Eastern Europe, specifically Russia and the Ukraine, have penetrated U.S. e-commerce computer systems by exploiting vulnerabilities in unpatched Microsoft Windows NT operating systems. Many of these so-called “patches” have been available for more than two years. More than one million credit card numbers have been compromised to-date. After notifying the victim company of the intrusion and theft of information, the hackers generally make a veiled extortion threat by offering Internet security services to patch the system against other hackers. The usual ransom is $100,000 cash. The hackers tell the businesses that without their services, they cannot guarantee that other hackers will not access the network and post the credit card information and details about the compromise on the Internet. If the victim company is not cooperative in making payments or hiring the group for their security services, the hackers’ correspondence with the victim company has become more threatening. Investigators also believe that in some instances the credit card information is being sold to organized crime groups. The news from the FBI’s NIPC comes as the Internet crimes division is under fire from Washington lawmakers. For more information visit http://www.nipc.gov/.