ArchiveOODA OriginalRisk Intel Report

Global ATM Fraud Nets Criminals US$9 Million In One Day

Highlights – Hackers penetrated a server at payment processor RBS WorldPay in November 2008 and stole personal information of customers – A highly coordinated ring of criminals used fake ATM cards to withdraw cash from 130 ATMs in 49 cities around the globe – Many similar breaches of financial data systems and ATM fraud schemes in the past several years highlight the need from a new approach to securing financial data systems A news report released on February 4, 2009 detailed a global automatic teller machine (ATM) scam that netted the scam’s leaders and low-level participants over US$9 million. On December 23, 2009, Atlanta, Georgia based payment processor RBS WorldPay announced that in November 2008, a hacker had penetrated a server at the company and stolen personal information of approximately 1.5 million of its customers along with approximately 1.1 million Social Security numbers. The hackers then used this information to clone 100 payroll debit cards – which companies use to pay employees wages – and then were able to get these card into the hands of an unknown number of low level “cashiers” – individuals who visit the ATMs to withdrawal the cash – all over the world. Just after midnight on November 8, 2009, the “cashiers” went to work, and over a 10-hour period withdrew over US$9 million from 130 ATMs in 49 cities around the globe. ATM machines were struck in Atlanta, Chicago, New York, Montreal, Moscow and Hong Kong. The hackers were able to byass the withdrawal limits on the cloned cards which allowed the “cashiers” to withdrawal $500 during each transaction. An FBI spokesman at the Chicago field office stated that six to eight individuals were participants in the crime spree in the Chicago area. The spokesman also stated that level of coordination and the high degree of sophistication made this particular scam unlike any other he had seen. An assistant computer science professor at the University of Illinois at Chicago who specializes in computer security stated that, “there is a huge economy of attackers that are planning these.” The news of successful data breaches which result in several million dollar losses to financial sector companies is likely to spur more skilled hackers into attempting similar crimes. In addition, as the financial crisis takes a toll on the budgets of financial sector companies, the likely result will be cutbacks in spending on information technology (IT) security that is paramount for companies who need to improve their cyber defenses to fend off hackers. In the near to mid-term, we expect to see more headlines detailing multimillion dollar digital heists by hackers, which will result in customers feeling vulnerable and angry, and politicians calling for more regulations and accountability. Many Financial Data Systems Have Recently Been Breached Over the past several years, computer systems and networks at financial companies have been the target of some widespread and successful breaches by hackers that have caused the companies multimillion-dollar losses. • In January 2009, Heartland Payment Systems, the fifth largest payment processor in the United States, disclosed it had fallen victim to hackers in December 2008, exposing an undetermined number of consumers to potential fraud. The hackers were able to gain access to customers’ personal information and credit card numbers. • In January 2008, a criminal ATM scam started to unravel after two alleged “cashiers” were arrested following a lucky traffic stop, which caught them with blank cards and a mag-stripe writer in their car. The two men were among a total of five individuals arrested in connection with a successful breach of an ATM processing server at Citibank. Subsequent

Want more insight?

This content is restricted to members only. Members get access to all of the content on this site. This includes over 3000 Risk Intel Reports, the Attack Database (10,000 entries), over 3000 Intel Advisories, Threat Group Profiles on 500+ groups and over 100,000 curated OSINT excerpts. Your membership also supports the cost of producing our hand-curated Daily OSINT report.

Please consider becoming a member. For more information please click here. Thanks!
OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.