How much is your identity worth?

HOW curious. Early this year my bank sent me a replacement credit card. I hadn't asked for one, and the bank did not elaborate except to refer vaguely to "security" issues.

I still don't know why my card was replaced, but I have a hunch: a massive electronic heist at a New Jersey-based company called Heartland Payment Systems. Heartland acts as a middleman between retailers and credit card companies, and processes about 100 million transactions every month. At some point in March 2008, a group of hackers is believed to have broken through the firm's cyber-defences. They installed software that, for about four months, secretly relayed credit and debit card details to an external computer. It is likely that tens of millions of cards were hacked.

Like many other people, I initially missed the news about Heartland - perhaps because it was announced on the day of Barack Obama's inauguration. But my belated discovery made me wonder what would have happened to my credit card details if they had been stolen. So I called internet security company Team Cymru, based in Burr Ridge, Illinois. A few weeks later, cybercrime experts Steve Santorelli and Levi Gundert introduced me to a sprawling criminal underworld so large and pervasive that no one can control it.