Foreign hackers sniff out credit card data

Share this article:
Foreign hackers have compromised cash register terminals at 11 Dave & Buster's restaurants around the United States. The scheme resulted in losses of some $600,000.

The hackers were arrested in various locations, including Turkey and Germany. The hackers sold the stolen data to others who used it to make fraudulent purchases or resold it to make such purchases.

In announcing the arrests, U.S. Attorney Benton J. Campbell said, “Hackers who reach into our country from abroad will find no refuge from the reach of U.S. criminal justice.”

According to the U.S. Department of Justice, the people arrested gained unauthorized access to cash register terminals, though details on how were not specified. They allegedly installed “packet sniffer" programs at each restaurant to capture communications on the Dave & Buster's link. The packet sniffer was configured to capture "track two" data as it moved from each restaurant's point-of-sale server to computer systems at the company's corporate headquarters.

Track two data includes a customer's account number and expiration date, but not cardholder names or other personally identifiable information.

Also involved in the investigation was the U.S. Secret Service.

“This investigation and the resulting indictments should serve as a warning to cybercriminals that law enforcement will continue to pursue them wherever they are,” U.S. Secret Service Director Mark Sullivan said.


Share this article:

Sign up to our newsletters

More in News

Instagram iOS and Android apps vulnerable to session hijacking

Two researchers wrote about the Instagram app for iOS and Android is vulnerable to session hijacking because both send unsecured information through HTTP.

Report: Hackers stole data from Israeli defense firms

A report by Brian Krebs detailed the intrusions, which occurred between Oct. 2011 and Aug. 2012.

Neverquest trojan targets regional banks in Japan

Symantec researchers found a new variant of the banking trojan.