Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Romanian authorities dismantle cybercrime ring responsible for $25 million credit card fraud

Sixteen suspected members of a cybercrime gang that stole credit card data from foreign companies were arrested in Romania

Romanian law enforcement authorities have dismantled a criminal group that stole credit card data from foreign companies as part of an operation that resulted in fraudulent transactions totaling US$25 million.

Officers from the country's organized crime police together with prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) executed 36 search warrants on Tuesday at residential addresses in several Romanian cities and arrested 16 individuals suspected of being members of the credit card fraud ring.

According to DIICOT, the group's members gained unauthorized access to computer systems belonging to foreign companies that operate gas stations and grocery stores, and installed computer applications designed to intercept credit card transaction data.

The applications were configured to store the captured data locally for later retrieval, upload it automatically to external servers or send it to email addresses controlled by the gang's members, the agency said. The stolen credit card information was then sold or used to create counterfeit cards.

For example, between December 2011 and October 2012 members of the group sold 68,000 credit cards at $4 each through a specialized online shop, making a profit of $270,000, DIICOT revealed.

The group opened several IT services companies in Romania and used them for the specific purpose of building and maintaining a computer infrastructure that would support its criminal operation, a DIICOT spokeswoman said Tuesday.

The spokeswoman confirmed that the companies targeted by the fraud ring are not from Romania, but declined to name them or reveal in which countries they operate because the investigation is ongoing.

The criminal operation resulted in fraudulent transactions totaling over $25 million being performed with 500,000 credit cards, the agency said Tuesday.

Even though 16 suspects have been arrested so far, DIICOT said that it plans to bring 20 individuals in for questioning in connection with the fraud operation.

The fact that the gang's members were able to capture credit card transaction data, suggests that the affected companies did not use end-to-end encryption in order to protect the data while in transit from their payment terminals to their payment processors.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: security, data breach, legal, fraud, cybercrime
Latest Blog Posts
Whitepapers
  • Simple, Proven, Tranformative
    A cheat Sheet for Google Apps for Business
    Learn more »
  • The Three Essential Steps to Successful Cloud Migration
    Businesses and enterprises have quickly realised the power and efficiency of cloud computing, but migrating to the cloud can be a challenging process. This guide leads you through the three key steps you should take to assess your workload, select the most appropriate cloud model and ensure your cloud provider’s migration methodology stacks up.
    Learn more »
  • eBook - Flash Buyers Guide
    This paper provides a guide for evaluating and selecting the best all-flash storage for your enterprise class environment. The detailed content covers all product classes and where they can be best applied to your circumstances, as well as what the key elements are for each to avoid potential pitfalls in the selection process.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Salary Calculator

Supplied by

View the full Peoplebank ICT Salary & Employment Index

Recent comments