Citibank to Replace ATMs Following Crime Spree
One of my sources, the other day, tipped me off that Citibank was in the process of replacing most of its automated teller machines (ATMs), but the source couldn't definitively say why. Citibank told ATM & Debit News that it was replacing some 2,000 proprietary ATMs in "a bid to improve customer service." But a story today by Wired.com reporter Kevin Poulsen suggests that the financial giant is responding to a computer intrusion into a Citibank server that processes ATM withdrawals, an incident that appears to have led to an ATM crime spree.
From the story at Wired.com's Threat Level Blog:
"Citibank denied to Wired.com's Threat Level that its systems were hacked. But the bank's representatives warned the FBI on February 1 that "a Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached," according to a sworn affidavit (.pdf) by FBI cyber-crime agent Albert Murray.
Federal prosecutors in New York have charged 32-year-old Ukrainian immigrant Yuriy Ryabinin, aka Yuriy Rakushchynets, with access device fraud for allegedly using the stolen information to go on a cash-withdrawal spree. Ryabinin, who is allegedly an active member of underground credit card fraud forums, is not charged with the intrusion itself. He and a co-defendant "received over the internet information related to Citibank customers, which information had previously been stolen from Citibank," according to an indictment (.pdf) in the case."
Read more at this link here.
By
Brian Krebs
|
June 19, 2008; 5:11 PM ET
Categories:
Fraud
,
U.S. Government
Save & Share:
Previous: Cyber Justice Chronicles
Next: Apple Issues Fix for Safari On Windows Security Flaw
Posted by: David | June 20, 2008 9:09 AM | Report abuse
David, check out the follow-up article by the same Wired writer:
http://blog.wired.com/27bstroke6/2008/06/citibank-issues.html
It says that Citibank claims there was a breach of a third-party ATM processing system, but that the company may be covering up a breach of its own system. It also says that Citibank ATM fraud may still be occurring.
Posted by: Heron | June 20, 2008 6:19 PM | Report abuse
Certegy is the check-cashing system used on the 7-11 ATMS, which are now under CITIBANK control. Certegy had a breach of it's system by an employee but "no information had been sold ... and the employee had been dismissed." This was in November 2007. A class-action lawsuit is pending, with user/consumer opt-in ending 6/28/08. Any connection?
Posted by: Bob | June 20, 2008 9:30 PM | Report abuse
Citi is a casino masquerading as a bank. Take your money elsewhere before they lose it or suck it up in bogus fees. Closing a branch bank at 4 pm, YUK!
Posted by: Bill | June 22, 2008 1:52 AM | Report abuse
The comments to this entry are closed.
Which is more likely:
1) a FBI agent commits perjury to falsely accuse Citibank
2) Citibank distorts the truth to keep it's image intact
3) A third party contractor for Citibank was hacked
My guess is that it's number 3, but just not clearly identified, which is why it seems to be number 2.
It also covers the fact that they notified their customers (required under SOX rules).