Four charged with hacking Subway, other retailers


Fo

English: Subway logo and slogan taken from mar...

Image via Wikipedia

ur Romanian nationals have been charged with remotely hijacking the credit card processing systems of more than 150 Subway restaurants in the United States, along with dozens of other unnamed retailers, the federal prosecutors announced Thursday.
Enhanced by Zemanta

Source link

The defendants, all in their 20s, compromised the credit card data of 80,000 customers and made millions of dollars in unauthorized purchases, according to the U.S. Department of Justice. Starting in 2008 and through May of this year, the defendants hacked into more than 200 U.S.-based merchants' point-of-sale (POS) systems, which are used to process transactions.

The defendants - Adrian-Tiberiu Oprea, 27, of Constanta; Iulian Dolan, 27, of Craiova; Cezar Iulian Butu, 26, of Ploiesti; and Florin Radu, 23, of Rimnicu Vilcea -  each were charged in New Hampshire with conspiracy to commit computer fraud, wire fraud and access device fraud.

Oprea was arrested last week in Romania and is currently in custody there. Butu and Dolan were both arrested in mid-August upon entering the United States. Radu remains at large.

The defendants scanned the internet to identify vulnerable POS systems, then logged in to the targeted devices either by guessing the passwords or using password-cracking programs, federal prosecutors said. They then installed keyloggers on the systems that would record any data keyed into or swiped through the machines. 

After being logged, the data was electronically transferred back to the attackers' servers. The defendants installed backdoor trojans onto the POS systems, which  allowed them to access the devices later to install other malicious programs used to conduct the scam.

If convicted, each could face up to 40 years in prison. In addition, they face fines up to twice the amount of the fraud loss.

Kevin Kane, a Subway spokesman, told SCMagazineUS.com in an email Wednesday that the breach affected a "small percentage" of its restaurants. Following discovery of the intrusion, franchisees upgraded their point-of-sale registers.

"We now have ... the most secure credit card processing [hardware] in the industry," Kane said. "There have been no issues since the upgrade, and consumers should be confident that it is safe to use their credit cards at Subway restaurants."

Source link


Enhanced by Zemanta

About this Entry

This page contains a single entry by Staff published on December 12, 2011 1:26 PM.

Walgreens Scanning Mobile Coupons at 7,700 Stores was the previous entry in this blog.

Intel and Kraft's iSample vending kiosks study shoppers is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Pages