Two charged with gift-card hacking scheme

IDG News Service - Two California men face charges in Massachusetts of hacking into point-of-sale computers at Subway restaurants and adding more than US$40,000 in value to gift cards, the U.S. Department of Justice said.

Shahin Abdollahi, also known as Sean Holdt, 46, of Lake Elsinore, California, and Jeffrey Thomas Wilkinson, 35, of Rialto, both have been charged with one count of conspiracy to commit computer intrusion and wire fraud, and one count of wire fraud. The DOJ on Friday released the two men's March 6 indictment in U.S. District Court for the District of Massachusetts.

Abdollahi is the former owner of Subway franchises in southern California and later operated a company, POS Doctor, that sold and installed point-of-sale computer systems to Subway restaurants across the U.S., the DOJ said in a press release.

Beginning about 2011, Abdollahi and Wilkinson worked together to remotely hack into POS systems in Subway restaurant franchises around the country, according to the indictment. Members of the conspiracy hacked into at least 13 Subway POS systems that Abdollahi sold through POS Doctor and fraudulently added at least $40,000 in value to Subway gift cards, the DOJ alleged.

Subway restaurants in Massachusetts, California and Wyoming were among those victimized, according to the indictment.

The defendants used a remote desktop application called LogMeIn, packaged on the POS systems that Abdollahi sold to Subway restaurants, to gain access to the systems, the DOJ alleged.

Abdollahi and Wilkinson allegedly used the fraudulent gift cards to make purchases at Subway, and Wilkinson also allegedly sold fraudulent gift cards to others using eBay and Craigslist.

IDG News Service was unable to reach Abdollahi or Wilkinson.

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.