Update: Credit Card Investigation Involves Walmart
In a post yesterday, I guessed that Walmart may be involved somehow in a current investigation into the theft of ATM cards. CNET provides an update today which indeed shows that Walmart is involved, as is OfficeMax.
From CNET here:
Sources now say that the case might involve two separate retail chains–one which has ackowledged a problem and another whose possible role is uncertain.
After receiving a call from CNET News.com about the investigation into the 200,000 canceled credit cards, a Wal-Mart media representative refused to answer questions but called attention to a statement released by the company on Dec. 2, 2005. In the statement, Wal-Mart acknowledged that credit cards used by some customers who bought gas at the company’s Sam’s Club stations between Sept. 21, 2005, and Oct. 2, 2005, were compromised. Many Sam’s Clubs also accept debit cards.
“The investigation began when the credit card issuers reported that some cardholders were reporting fraudulent charges on their statements,” Wal-Mart said in its press release. “It is still in its preliminary stages, with no determination on how the data was improperly obtained.”
But the trail doesn’t end with Wal-Mart, said sources close to the investigation. As investigators began to look into the recent rash of unauthorized charges, they found that a large number of people whose debit cards were compromised had one thing in common: they previously had shopped at office-supply chain OfficeMax, said a banking source familiar with the case. Two law enforcement sources also said OfficeMax is part of the investigation but did not provide details.
“We have not suffered any security breach to our knowledge,” OfficeMax spokesman William Bonner said Friday.
According to one banking official close to the case, OfficeMax has been queried by at least one financial institution about the matter.
“This is why we don’t reveal the names to the public,” said the banking official who requested anonymity. “We’re not sure which customers may have been ripped off in the Wal-Mart deal or whether OfficeMax was the problem.”
The other part of my post dealt with the speculation that terrorist groups could be involved. Nope, it looks like it is still hacker gangs that are using the stolen data.
The credit union told customers that the fraud resulted in “counterfeit cards being made and used internationally.” Golden 1 told the Bee that it closed accounts after discovering unauthorized withdrawals at ATMs in Great Britain, Russia and South Korea. Golden 1 also said that not all the debit cards cancelled had unauthorized withdrawals on them, but all were used at an unidentified Sacramento business in the fall of 2005.
Someone working for that merchant is suspected of pilfering account and personal identity numbers from the cards, the Bee reported.
So hacker gangs continue to use credit cards and personal information as currency on the internet. Hackers exchange this information for services, such as exploit code, denial of service attacks, passwords to botnets and more.
And if teenager hacker gangs can use stolen identities to finance their shenanigans, how easy would it be for terrorist groups to do the same?
