Foreign hackers sniff out credit card data

Share this article:
Foreign hackers have compromised cash register terminals at 11 Dave & Buster's restaurants around the United States. The scheme resulted in losses of some $600,000.

The hackers were arrested in various locations, including Turkey and Germany. The hackers sold the stolen data to others who used it to make fraudulent purchases or resold it to make such purchases.

In announcing the arrests, U.S. Attorney Benton J. Campbell said, “Hackers who reach into our country from abroad will find no refuge from the reach of U.S. criminal justice.”

According to the U.S. Department of Justice, the people arrested gained unauthorized access to cash register terminals, though details on how were not specified. They allegedly installed “packet sniffer" programs at each restaurant to capture communications on the Dave & Buster's link. The packet sniffer was configured to capture "track two" data as it moved from each restaurant's point-of-sale server to computer systems at the company's corporate headquarters.

Track two data includes a customer's account number and expiration date, but not cardholder names or other personally identifiable information.

Also involved in the investigation was the U.S. Secret Service.

“This investigation and the resulting indictments should serve as a warning to cybercriminals that law enforcement will continue to pursue them wherever they are,” U.S. Secret Service Director Mark Sullivan said.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.