Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Restaurant chain served up payment card data to hackers

Dave & Buster's discloses data thefts from last year after grand jury indicts three in case

May 13, 2008 12:00 PM ET

Active Comments
chip says: More and more reason to pay cash at these places I see. Slap the perps on their sleeve and hire...
Billy Bathgates says: Because they don't know any better. Whelp, serves 'em right for using malware-compliant bathgatesOS......


Computerworld - In the third data theft incident of its kind to come to light since March, Dallas-based restaurant chain Dave & Buster's Inc. today disclosed that credit and debit card numbers were stolen last year from the computer systems at 11 of its locations during the card verification process.

The thefts at Dave & Buster's took place during a four-month period from May through August of last year and have resulted in fraudulent payment card transactions worth at least $600,000 using data stolen from one of the restaurants alone, according to a federal grand jury indictment of three individuals that was unsealed yesterday at U.S. District Court in Central Islip, N.Y.

The U.S. Department of Justice said in a statement (download PDF) that the three alleged perpetrators — two of whom are listed as living in Eastern Europe — have all been arrested in connection with the case and that they are charged with various crimes as part of the indictment.

The DOJ identified the arrested individuals as Maksym Yastremskiy, a resident of Ukraine, and Aleksandr Suvorov, of Estonia. The 27-count indictment against the two includes charges of computer fraud, wire fraud, aggravated identity theft and interception of electronic communications.

Yastremskiy, who also goes by the name Maksik, was arrested last July in Turkey, the DOJ said, adding that the U.S. government has made a formal request to have him extradited. Suvorov, who uses the online handle JohnnyHell, was arrested in March in Germany at the request of U.S. officials and remains in jail there while the German government acts on a formal extradition request, the DOJ said.

The third individual charged in the Dave & Buster's case was identified as Albert Gonzalez, a Miami resident who faces one count of wire fraud. The DOJ said that Gonzalez, who uses the alias Segvec, was arrested this month by the U.S. Secret Service.

In a statement sent via e-mail in response to a request for comment, Dave & Buster's said that the alleged thieves stole the so-called Track 2 data from the magnetic stripes on the back of credit and debit cards, including the card numbers and expiration dates. The company said that the information hadn't been stored on its systems and was taken while the data was being transmitted to authorize transactions. It noted that the thieves didn't get any other personal data, such as names, addresses, PINs, or bank account and Social Security numbers.

In the statement, which was posted on the Restaurant News Resource Web site, Dave & Buster's said that it "was alerted to the potential data intrusion" late last August and that it "immediately" notified Secret Service officials. The company added that it notified the credit card companies of affected cardholders last September. But the data thefts weren't publicly disclosed until after the unsealing of the grand jury indictment.



Jump to comments

Dave & Buster's

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

What People Are Saying

White Papers & Webcasts

Gene Kim's Practical Steps to Achieve and Maintain NERC Compliance
Learn seven steps operators can take to meet IT configuration requirements set forth in the NERC-CIP standards.  

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!

Manager Experience Demo
Go beyond self-service solutions to perform more effectively. Watch Now.


IT Jobs