BreachExchange mailing list archives
ATM hackers skim $3.3 million from 200 customers
From: Erica Absetz <eabsetz () opensecurityfoundation org>
Date: Thu, 31 Jan 2013 12:44:51 -0500
http://www.wiscnews.com/news/local/article_74a0527e-6b66-11e2-95a0-001a4bcf887a.html?comment_form=true BARABOO — An ATM machine hacking scheme that affected 200 Bank of Prairie du Sac customers was part of a wider-ranging fraud that has “skimmed” at least $3.3 million from U.S. debit card users and drawn the attention of the Secret Service. Sauk County District Attorney Kevin Calkins has filed felony identity theft charges against Mihai Vasile Bandura, a 39-year-old man who authorities believe is from Romania and may already have left the country, or is in the process of leaving. A Sauk County judge has authorized a warrant for Bandura’s arrest. In November, Bank of Prairie du Sac Senior Vice President Roxi Maier contacted the Sauk Prairie Police Department to report that numerous customers had noticed unauthorized withdrawals from their accounts at ATMs in Milwaukee, Racine and Chicago. Police suspect the scam artists placed a “skimming device” on the bank’s ATM at the Sentry Food Store in Prairie du Sac and used it to collect customers’ card information. According to a criminal complaint filed in Sauk County Circuit Court, the U.S. Secret Service informed Sauk Prairie Police Chief Jerry Strunz in December that two suspects in the case were stopped in Illinois. The Secret Service sent a photograph of Bandura, whom Strunz recognized as the person shown in surveillance footage using stolen card information at a Milwaukee bank ATM. The complaint says other authorities still are investigating possible links between other transactions and “an identified bank customer.” It’s unclear whether authorities were tracking Bandura and the other suspect when they were stopped, and why they believe he may be on his way out of the country. Secret Service spokesman Max Milien declined to comment and directed inquiries to the Sauk Prairie Police Department. Reached by phone Tuesday, Strunz said he could not comment on the case because the investigation is ongoing. “I don’t want to jeopardize anything we’ve got going,” he said. According to the Secret Service’s website, skimming devices can be added to the front or inside of ATMs or gas pumps to capture transaction information. In many cases, the criminals install a covert camera to capture the card holder’s personal identification number. Cards also can be skimmed by collusive cashiers who complete sales, then covertly capture a second unauthorized swipe on a portable device before returning the card. Authorities say card users should make sure their card is swiped only once by a cashier. They also should conceal PIN numbers as they enter them into ATMs or credit card readers. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges.
Current thread:
- ATM hackers skim $3.3 million from 200 customers Erica Absetz (Jan 31)