As many as 100 people are believed to have taken part in a heist of nearly $13 million (USD) from cash machines in Japan, according to The Guardian.
Between 5 a.m. and 8 a.m. on the morning of May 15, thousands of withdrawals were made at 1,400 convenience stores using phony credit cards – with purloined account data from a bank in South Africa. Each culprit in the coordinated action withdrew 100,000 yen – the maximum that the cash machines allow – in Tokyo and other regions.
Because cards issued in a foreign country were used, as well as on a day when the banks were closed, the perpetrators had enough time to flee the country, authorities believe. None have been apprehended.
The Japanese police have contacted South African authorities, through Interpol, to determine how the miscreants might have acquired the credit card information.
“ATM fraud remains a leading cause of losses for banks, and this will likely increase in the U.S. as the shift to EMV cards at retail drives fraud to other channels, such as the ATM,” John Gunn, vice president of communications at VASCO Data Security, said in a statement emailed to SCMagazine.com. “We are already seeing large banks moving to integrate ATM security measures into their mobile banking app. It is easy for fraudsters to buy stolen cards to make unauthorized withdrawals, but it’s nearly impossible to commit theft if they must also have the intended victim’s mobile phone physically at the ATM machine at the same time.”
Gunn predicted that banks will in the future leverage customers’ mobile phones to reduce fraud across all channels.
UPDATE: This story was corrected to 1,400 convenience stores affected from the original 15,000.