Hackers Steal Local Credit Card Info

[Jake Kouns <jkouns () opensecurityfoundation org>]

http://www.ketv.com/mostpopular/27959394/detail.html

OMAHA, Neb. -- Sarpy County Sheriff’s deputies are investigating an
identity theft case involving hackers who went after personal
information using customers credit and debit cards.

Investigators said Thursday they are dealing with more than fifty
victims from across the Omaha metro area, all unknowingly targeted in
the last few days or weeks. Investigators blame a breach of security
through a credit card processor.

Heidi Hammond and her husband got word from their bank that something
wasn’t right with their accounts.

“I looked at my online statement, and it said there were charges from
Brooklyn, New York,” said Hammond. Hammond said she never made the
charges, and that she and her husband were never even in New York.

“There was a charge for a Rite Aid, and then a Popeye's Chicken, and
Heaven Hair,” said Hammond.

Sarpy County sheriff’s deputies said they and bank officials tracked
suspicious purchases, using Omaha credit and debit cards, to several
different states including California, Texas, Indiana, New York and
Michigan. The card numbers were stolen through several Omaha
businesses, one of which was LaMar’s Donuts near 168th & Harrison.

A LaMar’s corporate spokesperson said they’ve changed the way they
process credit cards and debit cards. Instead of using an
internet-based system, they've reverted back to a telephone-based
system, which they said is more secure."

Sarpy County Lieutenant Mark Trapp said the internet was the weak link
in this case.

"Someone hacks into their system and actually makes physical cards
with those account numbers built into the magnetic strips,” said
Trapp.
Hammond said she’s just glad her bank stepped in.

The customers of at least three local banks have been affected. One of
those banks is Bank of the West, who sent KETV the following statment.

"Bank of the West is already working with a number of our customers in
the Omaha area whose cards were apparently compromised when used at a
local business. We encourage our customers to monitor their accounts
and to call the toll-free number on the back of their card anytime
they see suspicious transactions on their account."

Deputies said they believe the hackers responsible live in Eastern Europe.

If you think someone has stolen your personal information, you are
encouraged to call police and file a report, then call the following
major credit card bureaus and have them put a fraud alert on your
account.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/