Hackers Take $45 Million in Global ATM Theft

Published: 10 May 2013


Hackers stole $45 million in a matter of hours by exploiting the weaknesses of bank databases during a heist carried out across at least 27 countries, Time Magazine reported. Seven individuals were arrested in the United States, and law enforcement in at least 12 countries are still investigating.

The hackers infiltrated banks’ prepaid debit card databases, eliminated withdrawal limits, and then uploaded required access data onto magnetic strips -- anything from an expired credit card or a hotel key card would suffice, Time reported. Groups then dispersed across the globe, accessed ATMs using the fraudulent debit cards, and withdrew massive amounts of cash. They stole $5 million in a few hours in December and $40 million in February. Once loaded up with the stolen cash, the thieves laundered the money through large purchases or sent it to their ringleaders.

A key security weakness that allowed the heist to occur is the antiquated system of magnetic strips used in the United States. The black strips of information found across the back of most American credit and debit cards are easily copied, erased and rewritten, if one has the requisite knowledge. Many countries have changed to more secure microchip-based card systems, but the influence of the US economy, and the apparent inertia towards a complete overhaul, means that magnetic strips are accepted in most locations across the globe, Time reported.

The seven arrested in New York were members of a local cell. The mastermind, as well as information on other cells, remains the subject of investigation. Those arrested in New York face charges of money laundering and conspiracy, and could be jailed for up to 10 years if convicted, Time reported.