Nelson Daranciang reports: Credit and debit card information stolen in a 2017 and 2018 Zippy’s data breach was used to make fraudulent purchases in 17 foreign countries and 28 states, including 595 in Hawaii, said Deputy Prosecutor Chris Van Marter. You can read more on Honolulu Star-Advertiser if you have a subscription. Back in January, Zippy’s settled a class action lawsuit stemming from the breach. At the time, the FBI had attributed the hack to FIN7. So if they have now charged four people, have they actually apprehended anyone from FIN7, or have they charged others who were not part of FIN7 — or were they incorrect in their earlier attribution? I guess we’ll have to wait to find out more as I cannot find any DOJ press release yet and without names, it’s difficult to find filings on PACER.