NEW YORK -- A worldwide gang of criminals stole a total of $45 million in a matter of hours by hacking their way into a database of prepaid debit cards, then draining cash machines around the globe, U.S. federal prosecutors said Thursday. And outmoded U.S. card technology may be partly to blame.
Seven people are under arrest in the U.S. in the case, which prosecutors said involved thousands of thefts from ATMs using bogus magnetic swipe cards carrying information from Middle Eastern banks. The fraudsters moved with astounding speed to loot financial institutions around the world, working in cells including one in New York, Brooklyn U.S. Attorney Loretta Lynch said.
Here's how it worked: Hackers got into bank databases, eliminated withdrawal limits on prepaid debit cards and created access codes. Others loaded that data onto any plastic card with a magnetic stripe. Some of the fault lies with the ubiquitous magnetic strips on the back of the cards. The rest of the world has largely abandoned cards with magnetic strips in favour of ones with built-in chips that are nearly impossible to copy.
A network of operatives then fanned out to rapidly withdraw money in multiple cities, authorities said. The cells would take a cut of the money, then launder it through expensive purchases or ship it wholesale to the global ringleaders.
There were two separate attacks, one in December that reaped $5 million worldwide and one in February that snared about $40 million in 10 hours with about 36,000 transactions.
The scheme involved attacks on two banks, Rakbank in the United Arab Emirates and the Bank of Muscat in Oman, prosecutors said. Canada was one of the countries in which ATMs were plundered.
-- The Associated Press