7-Eleven's Citibank ATMs Hacked
SAN JOSE, Calif. -- Hackers successfully accessed Citibank's network of ATMs inside 7-Eleven stores, stealing both money and funds in what amounts to millions of dollars, a recent court filing stated.
The ATM operating system was purportedly compromised by hackers who were able to access customer PINs by attacking back-end computers that are in place to protect precious data. These systems predominantly use Microsoft Corp.'s Windows operating system, which provides the ability to remotely diagnose machines in need of repair via the Internet.
This process requires a separate cloaking device to deter hacking; however, in the case of Citibank, proper oversight remains in question.
"PINs were supposed to be sacrosanct -- what this shows is that PINs aren't always encrypted like they're supposed to be," Avivah Litan, a security analyst with the Gartner research firm, told The Associated Press. "The banks need much better fraud detection systems and much better authentication."
It is estimated that the breach began in October of last year. To date, it is unclear how many of Citibank's approximately 5,700 branded ATMs in 7-Eleven stores were impacted.
Citibank, part of Citigroup Inc., has declined to comment on the technique or how many customers' accounts were compromised. It said it notified affected customers and issued them new debit cards.
"We want our customers to know that, consistent with legal requirements, we do not hold them responsible for fraudulent activity in their accounts," the bank said in a released statement.
Citibank, however, does not own or operate the machines. The Houston-based Cardtronics Inc. owns all the machines, but only operates some, while the Brookfield, Wis.-based Fiserv Inc. operates the remaining machines.
To date, a public explanation has not been released on how exactly the information was obtained. The AP reported the hackers broke into the ATM network through a server at a third-party processor, an approach that would remove the need to deal directly with the ATM machines.
Don Jackson, director of threat intelligence for SecureWorks Inc., told the AP he has seen an "alarming" spike in the number of attacks on back-end computers for ATM networks over the past year.
"This was fairly large, but I don't think it's anything out of the ordinary -- these kinds of scams go on every day," Jackson told the AP. "What makes this case unique is the sheer luck of happening upon these guys and catching them red-handed. But there are a whole lot of other ATM and PIN compromises going on that aren't reported."