funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Hackers Steal OmniAmerican Bank Account Data

From: "Paul Ferguson" <fergdawg () netzero net>
Date: Thu, 24 Jan 2008 22:00:20 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Via Star-Telegram.com.

[snip]

An international gang of cyber criminals hacked into OmniAmerican Bank's
records, the bank's president disclosed Wednesday.

They stole scores of account numbers, created new PINs, fabricated debit
cards, then withdrew cash from ATMs in Eastern Europe, including Russia and
Ukraine, as well as in Britain, Canada and New York.

"It was a pretty sophisticated scheme," said Tim Carter, president of the
Fort Worth-based bank.

The amount stolen is not yet known, he said, describing it only as
"minimal." No depositors will lose money, he said.

Fewer than 100 accounts, some of them dormant, were compromised, all with a
daily withdrawal limit of less than $1,000, he said.

After discovering the fraudulent activity Friday afternoon, OmniAmerican
placed temporary limits on some ATM and debit-card transactions and
suspended some electronic banking services, which were restored Sunday,
Carter said. At no time were customer deposits at risk, he stressed. "We
reduced by half the dollar amount that could be withdrawn and limited
[access] to Texas. We cut out anything outside Texas," Carter said.

The unauthorized withdrawals were stopped Friday, and bank employees worked
over the weekend to deal with the damage, he said.

The bank learned of the breach from customers inquiring about unusual
activity in their accounts, from internal monitoring and from a
law-enforcement agency, which Carter declined to name.

[snip]

More:
http://www.star-telegram.com/business/story/429367.html

Hat-tip: Pogo Was Right

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFHmQpvq1pz9mNUZTMRAljLAKDuXzcfgMcawOQOwFLwJ8UrUbm5HACgsKwn
O2lTwaWQbYfgEO6UHVsGn6A=
=J7aH
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: