Two men charged with hacking Subways to load up gift cards

Share this article:

Two California men have been charged with hacking and wire fraud after compromising a number of point-of-sale (POS) systems at Subway restaurants.

Shahin Abdollahi, 46, of Lake Elsinore and Jeffrey Wilkinson, 35, of Rialto are accused of remotely accessing at least 13 POS devices to add tens of thousands of dollars in value to Subway gift cards. The pair was charged in an indictment unsealed Friday in Boston. One of the victim stores is located in nearby Franklin, Mass.

According to the indictment, Abdollahi, a former Subway franchisee for four years, opened a POS business in 2008 in Southern California. The company sold POS equipment to merchants, specifically Subway, across the country.

Most, if not all, of the POS computers sold by Abdollahi also included a remote desktop application, which was used to remotely access 13 of the systems during the wee hours in late 2011 and early 2012, prosecutors said. The defendants used that access to fraudulently load "dollar values" – totaling $40,000 – onto gift cards in their possession.

The men are accused of using the gift cards to make purchases at Subway locations in California, and also with selling the gift cards on sites like eBay and Craigslist. The indictment alleges that Wilkinson placed the ads on the sites and, on one occasion, sold the fraudulent gift cards to a person identified as "B.J." in court documents.

Subway has been a visible target of late. In December 2011, four Romanian nationals were charged with remotely hijacking the credit card processing systems of more than 150 Subway restaurants in the United States, along with dozens of other unnamed retailers, the federal prosecutors announced. The defendants, all in their 20s, compromised the credit card data of 80,000 customers and made millions of dollars in unauthorized purchases.

At least one since has been sentenced.

Attorneys for the latest defendants could not be reached.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Kevin Mitnick to sell zero-day exploits

Kevin Mitnick's new venture will develop and procure zero-day exploits, then sell them for $100,000 or more.

FBI warns of potential cyber attacks launched by ISIS hacktivists

Following U.S. military airstrikes in the Middle East, the FBI has issued a warning regarding possible cyber threats aimed at U.S. networks and critical infrastructure by hacktivists in support of ISIS.

Report: 75 million records compromised so far in 2014

Report: 75 million records compromised so far in ...

An updated report indicates that since this time last year, breaches have increased by 29.4 percent, with 568 breaches occurring this year.