BreachExchange mailing list archives
Re: Debit Card Fraud Tied to OfficeMax Breach (fwd)
From: hypronix <hypronix () gmail com>
Date: Thu, 9 Mar 2006 08:55:09 -0800
Catching is hard in most cases. The PINs are usually traded overseas [from EU to N.Am. or otherwise] and 'cashing out' is done by one or more independent people which all pay a certain comission back to the PIN/CC# provider. Depending on one's will to risk themselves getting caught, withdrawals of up to US$15000 a day are not all that common. Short of utter stupidity or pushing one's luck too far, there is no immediate way in which 'cash-outs' can be stopped. Short of, of course, invalidating all CC#'s at the first sign of compromise. But that doesn't seem to be as 'normal' as one would expect it... On 3/9/06, Sharon Besser <sbesser () gmail com> wrote:
We have seen similar case in Israel ~ 2 years ago. Someone managed to get access to VISA cards information (including PIN numbers) by stealing an on-line processing machine, which apparently, had offline backup (....) Then he decrypted the data and build his own 'white card'. AFAIK they never caught the person that was leading the gang. Sharon from http://www.eweek.com/article2/0,1895,1935677,00.asp The fraudulent transactions involve cloned Visa debit cards and may be linked to the theft of blocks of PINs from OfficeMax or an intermediary processor, sources familiar with the case said. _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
_______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/errata/dataloss/
Current thread:
- Debit Card Fraud Tied to OfficeMax Breach (fwd) Sharon Besser (Mar 09)
- Re: Debit Card Fraud Tied to OfficeMax Breach (fwd) hypronix (Mar 09)