Citibank debit card fraud highlights ATM vulnerabilities
'Back-end servers are kind of a joke,' and the trouble doesn't end there
Computerworld - Malicious ATM intrusions, such as the late-winter breach that resulted in the compromise of Citibank debit card data, are not at all surprising given the vulnerable state of many of the servers and other components involved in processing such transactions, according to some industry representatives.
In fact, such incidents happen more often than generally perceived, though very few of them get the same kind of public attention that the Citibank breach attracted.
In the case of the Citibank attack, a server that processes withdrawals for Citibank-branded automated teller machines at 7-Eleven convenience stores in the New York area was breached sometime earlier this year. Card data and personal identification numbers (PIN) stolen from that server were used to make hundreds of fraudulent ATM withdrawals during February, resulting in losses of at least $750,000 to the bank.
ATM videocameras caught images of a man in a tan jacket and a Top Gun hat making the fraudulent withdrawals. The footage led authorities to a man named Yuriy Ryabinin, who was later arrested in connection with the intrusions and fraud. Arrested along with him in connection with the incident were two other individuals, Olena Rakushchynets and Ivan Biltse.
Citibank confirmed that the intrusions caused it to block and reissue cards to an undisclosed number of customers. But in a formal statement, the company said it did not own or operate any of the servers that were compromised in the incident. All Citibank-branded ATMs in 7-Eleven Inc.'s stores are owned and operated by Houston-based Cardtronics Inc., which manages close to about 36,000 machines, a spokesman added.
A Cardtronics spokesman refused to comment on the intrusions, saying that the company was not involved in any of the criminal proceedings currently under way in the case. The spokesman added that it is still not clear if any server owned by Cardtronics was in fact compromised. The spokesman also refused to offer any reasons as to why only Citibank customers appear to have been affected by the intrusion.
Most of the public details relating to the incident come from court papers filed in connection with Ryabinin's arrest. They show that Citibank informed the FBI about the ATM server breach around Feb. 1 of this year. The documents don't mention how many debit card accounts might have been compromised in the hack, but they do show that Ryabinin made hundreds of illegal withdrawals over a period of a few days during the end of February using information stolen in the heist. At the time of his arrest for the Citibank intrusion, Ryabinin was already being investigated by federal authorities for a similar fraud he had perpetrated against St. Louis, Mo.-based First Bank.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Is Your Big Data Solution Production-Ready? Read "Is Your Big Data Solution Production-Ready?" now, and discover best practices and actionable steps to implementing a production-ready big data solution.
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Cybercrime and Hacking White Papers | Webcasts