A McDonald's employee used a handheld skimming device for three weeks to collect "approximately 282" card numbers.
According to wkyc.com, the unidentified man from Oklahoma told authorities that he sold the card numbers to four men. The majority of the cards had been used at a McDonald's in Tulsa, Oklahoma, while internet searches had been done on a seized computer for magnetic-strip card readers and writers and skimming devices.
The McDonald's employee told authorities that one of the men, Daniel Jefferson, would come to his apartment each night after work and download the card numbers from the skimmer. He said he was paid $600 and given two laptops and a Nintendo 3DS.
A woman contacted the Bank of Oklahoma about $316.32 in charges to her debit card from a Tulsa Wal-Mart, and surveillance footage showed Godlive Tetty-Mensah making the purchases.
Jefferson, Tetty-Mensah, Stanjulfran Mensah and Bismark Baah are in jail on charges that they re-encoded other cards to buy iPads and laptop computers. The McDonald's worker wasn't identified in the court filing.
In a statement, McDonald's said: “Nothing is more important to us than the security of our customers. This is an isolated incident which we take very seriously, and this person is no longer employed by our organisation.”
The haul was much smaller than that from a branch of Subway where card data from 80,000 people was collected. McDonald's was the victim of a data breach in December 2010 when a third party was hacked and customer information collected in connection with promotions was accessed.