This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

ATM hackers net millions using stolen information

Share this article:
A unique breach of bank information has hit Citibank, one of the world's largest banks.

According to a federal grand jury indictment, two hackers using bank accounts and PINs stolen over the internet, managed to steal millions of dollars from Citibank.

The two charged were a Ukrainian immigrant, Yuriy Ryabinin, and Ivan Biltse. The pair are alleged to be part of a worldwide scam that has made 9,000 fraudulent ATM withdrawals, according to court documents. The money was drained from ATMs in the New York area, authorities said.

“On or about February 1 2008, Citibank representatives informed the FBI that a Citibank server that processes ATM withdrawals at 7-11 convenience stores had been breached," according to an affidavit filed with a New York federal court by Albert Murray, an FBI special agent.

There were hundreds of ATM withdrawals using the breached information in New York from October 2007 to March this year, authorities said. Some of the illicit withdrawals were videotaped. The criminals used ATM cards encoded with Citibank customer account information to withdraw the money.

Specifically, the indictment charged that the criminals “received over the internet information relating to the bank accounts of multiple Citibank customers, information which had been previously stolen from Citibank.”

A spokeswoman for Citibank did not respond to a request for comment.

WIth correct information, it is very easy to create a counterfeit card, Avivah Litan, Gartner vice president and distinguished analyst, told SCMagazineUS.com on Thursday.

"All you have to have is the PIN and enough customer information," she said. "And the criminals have figured out how to get that."

This kind of fraud is becoming an enormous problem for banks, said Litan. “Criminals have found ways to basically bypass many of the controls that banks have in place," she said. "So ATM and debit card fraud is expected to rise. In our surveys, banks themselves expect the rate of fraud to double over the next two years."
Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

NCA wants security pros to become cybercrime fighters

NCA wants security pros to become cybercrime fighters

The UK's National Crime Agency is on the hunt for cyber security professionals to "join the fight against some of the world's most significant cyber criminals" on salaries ranging from ...

GCHQ head says agency was 'never involved in mass surveillance'

GCHQ head says agency was 'never involved in ...

Sir Iain Lobban says GCHQ staff "are normal decent human beings who watch EastEnders and Spooks".

Apple Mac OS criticised for sending search results to third parties

Apple Mac OS criticised for sending search results ...

Apple is under pressure to make changes to the Spotlight feature on the new Mac OS X Yosemite 10.10, which tracks location and sends data back to the firm and ...