Hacking Ring Indicted For $9 Million Fraud
A federal grand jury in Atlanta has indicted eight East Europeans on charges of hacking into a computer network operated by the credit card processing company RBS WorldPay, the U.S. Department of Justice said today.
The 16-count indictment alleges the group used sophisticated hacking techniques to compromise data encryption used by RBS WorldPay to protect customer data on payroll debit cards. Payroll debit cards are used by some companies to pay their employees.
The hacking ring allegedly raised the account limits on compromised accounts, and then provided a network of "cashers" with 44 counterfeit payroll debit cards, which were used to withdraw more than $9 million from more than 2,100 ATMs in at least 289 cites worldwide, including cities in the U.S., Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada. The $9 million loss occurred within less than 12 hours.
The hackers then attempted to destroy data on the card processing network to hide their hacking activity. The indictment alleges that the "cashers" were allowed to keep 30 to 50 percent of the money, but sent the rest back to the leaders of the hacking ring.
"The charges brought against this highly sophisticated international hacking ring were possible only because of unprecedented international cooperation with our law enforcement partners, particularly between the United States and Estonia," said Assistant Attorney General of the Criminal Division Lanny A. Breuer.
"Through our close cooperation, both nations have demonstrated our commitment to identifying sophisticated attacks on U.S. financial networks that are directed and operated from overseas and our commitment to bringing the perpetrators to justice."
Some of the hackers if convicted in the U.S. could be sentenced to up to 20 years in prison.