This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

ATM hackers net millions using stolen information

Share this article:
A unique breach of bank information has hit Citibank, one of the world's largest banks.

According to a federal grand jury indictment, two hackers using bank accounts and PINs stolen over the internet, managed to steal millions of dollars from Citibank.

The two charged were a Ukrainian immigrant, Yuriy Ryabinin, and Ivan Biltse. The pair are alleged to be part of a worldwide scam that has made 9,000 fraudulent ATM withdrawals, according to court documents. The money was drained from ATMs in the New York area, authorities said.

“On or about February 1 2008, Citibank representatives informed the FBI that a Citibank server that processes ATM withdrawals at 7-11 convenience stores had been breached," according to an affidavit filed with a New York federal court by Albert Murray, an FBI special agent.

There were hundreds of ATM withdrawals using the breached information in New York from October 2007 to March this year, authorities said. Some of the illicit withdrawals were videotaped. The criminals used ATM cards encoded with Citibank customer account information to withdraw the money.

Specifically, the indictment charged that the criminals “received over the internet information relating to the bank accounts of multiple Citibank customers, information which had been previously stolen from Citibank.”

A spokeswoman for Citibank did not respond to a request for comment.

WIth correct information, it is very easy to create a counterfeit card, Avivah Litan, Gartner vice president and distinguished analyst, told SCMagazineUS.com on Thursday.

"All you have to have is the PIN and enough customer information," she said. "And the criminals have figured out how to get that."

This kind of fraud is becoming an enormous problem for banks, said Litan. “Criminals have found ways to basically bypass many of the controls that banks have in place," she said. "So ATM and debit card fraud is expected to rise. In our surveys, banks themselves expect the rate of fraud to double over the next two years."
Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Defending Critical Infrastructure: only 6% of incidents malicious

Defending Critical Infrastructure: only 6% of incidents malicious

The weather, or even simple mis-configuration, are threats to critical infrastructure, but in an emergency, could government now run privatised utilities?

Scammers tap the power of Facebook to offer `free' iPhones a-plenty

Scammers tap the power of Facebook to offer ...

Free iPhone? More like an iPhoney...

FBI's facial and fingerprint super-database goes live

FBI's facial and fingerprint super-database goes live

The FBI: we have your facial and fingerprint templates on file...