
Eight indicted in $9M RBS WorldPay heist

Eight men have been indicted on charges that they hacked into credit card processing firm RBS Worldpay, and helped steal more than $9 million in a highly coordinated heist nearly a year ago, the U.S. Justice Department said Tuesday.

The 16-count indictment, which names individuals from Estonia, Moldova and Russia, is the first major break in a case federal investigators are calling "perhaps the most sophisticated and organized computer fraud attack ever conducted."

"Today, almost exactly one year later, the leaders of this attack have been charged," said Sally Quillian Yates, acting U.S. attorney of the Northern District of Georgia, in a written statement. "This investigation has broken the back of one of the most sophisticated computer hacking rings in the world."

The men are accused of cracking the data encryption that RBS WorldPay used to protect customer data on payroll debit cards, allowing them to clone the cards. Some companies use payroll cards in lieu of paychecks by depositing employee salaries or hourly wages directly into payroll card accounts, which can then be used as debit cards at ATMs. According to the government, the hacking ring also was able to raise the daily withdrawal limits on compromised accounts.

The Justice Department alleges that 44 counterfeit payroll debit cards were used to withdraw more than $9 million from at least 2,100 ATMs in at least 280 cities worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada. The money was stolen over a period of less than 12 hours, investigators say.

Dozens of accomplices -- also known as "cashers" -- who were hired to pull the money out of ATMs remain at large. The indictment alleges that the cashers were allowed to keep 30 to 50 percent of the stolen funds, but transmitted the bulk of the money back to the men named in the indictment.

Indicted on charges of hacking are Sergei Tsurikov, 25, of Tallinn, Estonia; Viktor Pleshchuk, 28, of St. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; and a person identified only as "Hacker 3". The indictment also charges four other men from Tallinn, Estonia, with access device fraud, including Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33.

Atlanta-based RBS WorldPay disclosed the breach on Dec. 23, 2008. The company acknowledged that hackers had made off with personal and financial data on 1.5 million customers of its payroll card business. RBS said thieves also might have accessed Social Security numbers of 1.1 million customers.

A copy of the indictment is available here

By Brian Krebs  |  November 10, 2009; 12:40 PM ET
Categories: Cyber Justice, U.S. Government, Web Fraud 2.0 | Tags: rbs worldpay


I am not at all surprised that the accused are all from the former Soviet Union. If you've ever had to deal with these people in large numbers, you'll quickly find out just how corrupt and amoral many elements within their society are.

It's just too bad that we can't hang them in their hometown square. Seeing your neighbors (or their kids) twisting in the wind would probably have some deterrent effect.

Posted by: JoStalin | November 10, 2009 2:03 PM


I prefer a more subtle approach. First, plant trees on Wall St.

Posted by: gannon_dick | November 10, 2009 6:18 PM

The frequency of stories like this is increasing at an alarming rate.

Posted by: fchaffin | November 10, 2009 7:00 PM

The comments to this entry are closed.


© 2010 The Washington Post Company