Hackers in the US have
cracked card PIN codes used in cash machines.
Citibank-branded machines in 7-Eleven convenience stores across
the country were targeted in the biggest remote PIN code theft scam
seen in the US.
Between last autumn and this spring, at least $2m (£1m) was
stolen from customer accounts using copied cards and the stolen
PINs.
The fraud came to light after the alleged hackers were charged
in a New York court. They are Yuriy Rakushchynets, Ivan Biltse and
Angelina Kitaeva.
They have been charged with conspiracy and fraud, although the
actual hacking is believed to have been completed by another party
remotely.
The ring-leader is said to be Rakushchynets, a 32-year-old
Ukrainian.
When his Brooklyn home was raided, investigators found $800,000
(£400,000) cash stuffed in rubbish bags.
It is not known how many Citibank and other banking customers
were affected by the scam.
There are nearly 5,700 Citibank-branded cash machines inside
7-Eleven stores, but different firms maintain and operate the
remote servers dealing with transactions.
It is not clear which server was compromised in the hacking
operation.
Read more about PINs:
PCI council adds Pin security to remit>>
PCI payment card body adds PIN entry device testing to
portfolio>>