Bank Breach Hits ATMs, No Retailer At Fault This Time
Written by Evan SchumanOne of the repeated arguments made in retail data security circles is that retailers tend to have much weaker security because it’s not as much of a cultural priority as, for example, banking. So it’s a little bit consoling that the latest ATM databreach is apparently not the result of a retail breach, not the result of social engineering and the trusting bank clerk, but is the first proven incident of a bank server’s breach linked to ATM fraud.
A computer intrusion into a Citibank server that processes ATM withdrawals led to two Brooklyn men making hundreds of fraudulent withdrawals from New York City cash machines in February, pocketing at least $750,000 in cash, according to a Wired story. Although Citibank told Wired that its systems had not been breached, Citibank “warned the FBI on February 1 that ‘a Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached,’ according to a sworn affidavit by FBI cyber-crime agent Albert Murray.”
Leave a Reply
Our Comment SPAM system is getting very aggressive these days and has been blocking legitimate comments. If you post a comment and don't see it appear within 2 hours or so, can you please send a heads-up to customer-service@storefrontbacktalk.com? Ideally, please include the time you posted the comment. That will allow us to try and hunt for it. Thanks! P.S. We're working on fixing the system, but we don't want to lose any valuable comments in the meantime.
I have strong reservations about the 'individual' certification and posting of that information for merchants. Can you imagine the potential employee poaching that might occur? The implications when competitors can look up how many are certified with each of their competitors? 
-Christine
