Network News

X My Profile
View More Activity

Citibank to Replace ATMs Following Crime Spree

One of my sources, the other day, tipped me off that Citibank was in the process of replacing most of its automated teller machines (ATMs), but the source couldn't definitively say why. Citibank told ATM & Debit News that it was replacing some 2,000 proprietary ATMs in "a bid to improve customer service." But a story today by reporter Kevin Poulsen suggests that the financial giant is responding to a computer intrusion into a Citibank server that processes ATM withdrawals, an incident that appears to have led to an ATM crime spree.

From the story at's Threat Level Blog:

"Citibank denied to's Threat Level that its systems were hacked. But the bank's representatives warned the FBI on February 1 that "a Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached," according to a sworn affidavit (.pdf) by FBI cyber-crime agent Albert Murray.

Federal prosecutors in New York have charged 32-year-old Ukrainian immigrant Yuriy Ryabinin, aka Yuriy Rakushchynets, with access device fraud for allegedly using the stolen information to go on a cash-withdrawal spree. Ryabinin, who is allegedly an active member of underground credit card fraud forums, is not charged with the intrusion itself. He and a co-defendant "received over the internet information related to Citibank customers, which information had previously been stolen from Citibank," according to an indictment (.pdf) in the case."

Read more at this link here.

By Brian Krebs  |  June 19, 2008; 5:11 PM ET
Categories:  Fraud , U.S. Government  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Cyber Justice Chronicles
Next: Apple Issues Fix for Safari On Windows Security Flaw


Which is more likely:
1) a FBI agent commits perjury to falsely accuse Citibank
2) Citibank distorts the truth to keep it's image intact
3) A third party contractor for Citibank was hacked

My guess is that it's number 3, but just not clearly identified, which is why it seems to be number 2.

It also covers the fact that they notified their customers (required under SOX rules).

Posted by: David | June 20, 2008 9:09 AM | Report abuse

David, check out the follow-up article by the same Wired writer:

It says that Citibank claims there was a breach of a third-party ATM processing system, but that the company may be covering up a breach of its own system. It also says that Citibank ATM fraud may still be occurring.

Posted by: Heron | June 20, 2008 6:19 PM | Report abuse

Certegy is the check-cashing system used on the 7-11 ATMS, which are now under CITIBANK control. Certegy had a breach of it's system by an employee but "no information had been sold ... and the employee had been dismissed." This was in November 2007. A class-action lawsuit is pending, with user/consumer opt-in ending 6/28/08. Any connection?

Posted by: Bob | June 20, 2008 9:30 PM | Report abuse

Citi is a casino masquerading as a bank. Take your money elsewhere before they lose it or suck it up in bogus fees. Closing a branch bank at 4 pm, YUK!

Posted by: Bill | June 22, 2008 1:52 AM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company