Credit card breach: Tracing who dunnit

NEW YORK (CNN/Money) – News that hackers broke into the database of payment processor CardSystems, which contained information on over 40 million credit card accounts, raises the obvious question: Who did it?

The FBI is investigating and doesn't discuss cases that are pending. But if recent history is any guide, there's a fair chance the hackers may not be caught, or not anytime soon.

Not that there haven't been notable successes for law enforcement.

Since last October, for example, 28 members of Shadowcrew have been indicted. Shadowcrew operated one of the largest illegal online sites that facilitated malicious hacking and identity theft by selling such key identifiers as Social Security and debit card numbers.