BreachExchange mailing list archives
OfficeMax at center of major data-security breach with debit cards
From: "J Isherwood" <ish () dolphtech com>
Date: Tue, 14 Feb 2006 15:33:53 -0500
http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2006/02/14/BUGGQH7QK21.DTL

(I believe that this ties right into the message lyger sent 2 days ago, quoted for reference down below)

Ish...

___________________________________________________________________

OfficeMax at center of major data-security breach with debit cards
- David Lazarus, Tuesday, February 14, 2006

OfficeMax is the Northern California retailer at the heart of a major data-security breach affecting as many as 200,000 consumers, banking and law-enforcement sources confirmed Monday.

They also said investigators are exploring the possibility that the Russian mob or another Eastern European crime syndicate is responsible for accessing U.S. consumers' debit-card numbers and selling counterfeit cards on the black market worldwide.

Bill Bonner, an OfficeMax spokesman, said that to the best of his knowledge, no security breach had occurred at any of the Illinois company's Northern California outlets. "I just can't say that happened," he said.

Still, Bonner declined to comment on whether OfficeMax is cooperating with the FBI and Secret Service on their investigation into the debit-card theft. "I can't make any comment on any law-enforcement investigations," he said, adding that "we're trying to be responsible and not create any kind of panic."

Four well-placed sources in the banking industry said it's possible that OfficeMax can't yet say with certainty that a breach occurred because it often takes investigators time to piece together a hacker's electronic trail. But they said there's no doubt that OfficeMax has made its computer system available to federal authorities for their investigation.

Special Agent Karen Ernst of the FBI's Sacramento office declined to discuss details of the case. "It's an ongoing investigation being worked jointly with other agencies, including the Secret Service," she said.

Numerous banks have replaced customers' debit cards in recent weeks, including Bank of America, Wells Fargo and Washington Mutual.

An executive at one leading bank told me he spoke with senior officials at OfficeMax shortly after news of the security breach broke in this column last week. He said he was surprised by the bank's decision to remain silent on the matter. "I warned them point blank that they have to get out in front of this," the exec said.

It appears that a hacker penetrated the computer network of an OfficeMax outlet in Sacramento last fall, sources said. They said the hacker may have gained access to account information for as many as 200,000 customers, potentially downloading people's names, debit-card numbers and secret codes used to validate transactions.

Bank officials said bogus charges related to the incident have cropped up throughout Europe and Asia. Many have originated in former Soviet bloc countries. This has raised investigators' suspicions that the Russian mafia or another Eastern European crime syndicate is behind the OfficeMax breach, sources said.

In September 2004, a senior FBI official, Steven Martinez, testified before Congress that the bureau's Internet Crime Complaint Center, or IC3, had noticed an increasing number of cyber crimes involving Eastern Europeans.

"The FBI, through the IC3, has observed a continuing increase in both volume and potential impact of cyber crime with significant international elements," he said. "Identifying such trends, as well as formulating an aggressive and proactive counterattack strategy, remains a fundamental objective of the FBI's Cyber Division."

It's unclear when the OfficeMax hack actually occurred. Banking industry sources say they believe authorities were made aware of the situation in December. But they acknowledge that consumers' personal info could have been endangered well before this time.

Oakland resident Alicia Vagts, 34, illustrates this possibility. She discovered in October that someone in Estonia was running up about $2,500 in fraudulent charges on her Washington Mutual debit card. "I barely knew where Estonia was," she said. (It's on the Baltic Sea, right next to Russia.)

Asked if she ever shops at office-supply stores, Vagts said she was a frequent customer of OfficeMax while attending law school in Sacramento. "I was there all the time, buying things for school," she said.

A Washington Mutual spokesman said it's not yet known whether Vagts' case is linked to the security breach now being probed by federal investigators or was a separate incident.

He and other bank reps said financial institutions are being extra cautious in this latest case, replacing debit cards not just for OfficeMax shoppers but also for an unspecified number of other people who may never have visited the retailer.

But OfficeMax is the common denominator for most consumers affected by the security breach. San Francisco resident John Wilson, 52, said he has no doubt why he got a new card in the mail this week. "OfficeMax is the only office-supply store I've gone to where I've used my debit card for the past two years," he said.

This isn't the company's first brush with fraud in Northern California. Last month, a former worker at the OfficeMax outlet in the Alameda Towne Centre was arrested for allegedly using a customer's credit card number to pay about $1,000 in cell-phone bills.

Sgt. Dennis Hart of the Alameda Police Department said the suspect, Oakland resident Chantalle Adrianna Allen, 19, admitted the theft after being taken into custody. He said the card in question belonged to the Odd Fellows, a fraternal organization. A member of the group had purchased office supplies at OfficeMax in December.

David Lazarus' column appears Wednesdays, Fridays and Sundays. Send tips or feedback to dlazarus () sfchronicle com.

Page C - 1
URL: http://sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2006/02/14/BUGGQH7QK21.DTL

-----Original Message-----
From: dataloss-bounces () attrition org [mailto:dataloss-bounces () attrition org] On Behalf Of lyger
Sent: Sunday, February 12, 2006 3:27 PM
To: dataloss () attrition org
Subject: [Dataloss] A bit more about the stolen debit cards

(forwarded from another mail list)

Date: Sun, 12 Feb 2006 09:42:20 -0500
Subject: A bit more about the stolen debit cards

Web of intrigue widens in debit-card theft case
http://news.com.com/Web+of+intrigue+widens+in+debit-card+theft+case/2100-1029_3-6038405.html?tag=nefd.top

After receiving a call from CNET News.com about the investigation into the 200,000 cancelled credit cards, a Wal-Mart media representative refused to answer questions but called attention to a statement released by the company on Dec. 2, 2005.

In the statement, Wal-Mart acknowledged that credit cards used by some customers who bought gas at the company's Sam's Club stations between Sept. 21, 2005 and Oct. 2, 2005, were compromised. Many Sam's Clubs also accept debit cards.

....

But the trail doesn't end with Wal-Mart, said sources close to the investigation.

As investigators began to look into the recent rash of unauthorized charges, they found that a large number of people whose debit cards were compromised had one thing in common: they previously had shopped at office-supply chain OfficeMax, said a banking source familiar with the case.

Two law enforcement sources also said OfficeMax is part of the investigation but did not provide details. None of the sources, who requested anonymity due to the ongoing investigation, knew for certain whether OfficeMax had suffered a security breach.

"We have not suffered any security breach to our knowledge," said William Bonner, an OfficeMax spokesman, on Friday.

According to one banking official close to the case, OfficeMax has been queried by at least one financial institution about the matter.

"This is why we don't reveal the names to the public," said the banking official who requested anonymity. "We're not sure which customers may have been ripped off in the Wal-Mart deal or whether OfficeMax was the problem."

_______________________________________________
Dataloss mailing list
Dataloss () attrition org
https://attrition.org/mailman/listinfo/dataloss