The stories you want. The opinions that matter.
No, thanks
Tag: credit card fraud
Dairy Queen Joins List Of Retailers Hit By Hacker Attack

Dairy Queen Joins List Of Retailers Hit By Hacker Attack

By Mike Hughlett, Star Tribune (Minneapolis)

Dairy Queen has become the latest victim of computer hackers bent on pilfering customers’ credit and debit card information.

The Edina, Minn.-based ice cream and fast-food chain confirmed Wednesday that “customer data at a limited number of stores may be at risk.”

The company didn’t disclose how many customers or how many stores were affected.

“We are gathering information from a number of sources, including law enforcement, credit card companies, and processors,” Dairy Queen said in a statement.

Dairy Queen’s acknowledgment came after the website Krebs on Security, which is run by cybersleuth Brian Krebs, reported a possible breach at DQ. Citing unnamed sources, Krebs wrote that a pattern of fraud suggests some DQ stores were compromised as early as June.

Dairy Queen has several thousand stores in North America, and is owned by Warren Buffett’s Berkshire Hathaway.

In a statement, Dairy Queen said “the protection of customer data is a top priority for us and our franchisees, and we take it seriously.” The company said that it had been notified recently along with many other companies of a data breach due to the spread of “Backoff” malware.

On Friday, the U.S. Department of Homeland Security said that more than 1,000 U.S. retailers could be stricken with Backoff, malware — short for malicious software — discovered last October. Both United Parcel Service and Supervalu appear to have also been hit by the bug, which burrows into retail point-of-sale systems.

Eden Prairie-based Supervalu warned on Aug. 16 that hackers had breached its computer systems, which contained customer information from 1,016 grocery and liquor stores around the country, including 60 outlets in Minnesota. Supervalu, which owns the Cub Foods chain, said its computers were hacked between June 22 and July 17.

Minneapolis-based Target Corp. fell prey to a huge data breach during the 2013 holiday shopping period. It exposed the financial and personal data of 70 million customers, costing the retailer around $150 million so far.

Michaels Stores, Neiman Marcus, and P.F. Chang’s are among other large national retailers hit by cyberthieves in recent months.

Photo: StormKat via Flickr

Interested in national news? Sign up for our daily email newsletter!

Russian Man Accused Of Stealing 200,000 Credit-Card Numbers

Russian Man Accused Of Stealing 200,000 Credit-Card Numbers

By Erin Heffernan, The Seattle Times

SEATTLE — The U.S. Secret Service has arrested a Russian man indicted on charges that he stole more than 200,000 credit-card numbers from U.S. retailers.

According to Secret Service officials, Saturday’s arrest marks one of the agency’s most significant busts of an alleged cybercriminal dealing in stolen credit-card information.

Roman Seleznev, 30, of Moscow, is accused of creating and operating a fraud scheme that used servers located all over the world to hack hundreds of businesses across the U.S. from October 2009 to February 2011. He was indicted in March 2011 in Seattle.

He was apprehended Saturday in a location that has not yet been made public, according to the U.S. Attorney’s Office, and was transported to Guam for an initial court appearance. Seleznev is awaiting a second hearing scheduled for July 22.

In a statement Monday, the U.S. Attorney’s Office said Seleznev’s charges included bank fraud, intentionally causing damage to a protected computer, obtaining information from a protected computer, possession of 15 or more unauthorized access devices, trafficking unauthorized access devices, and aggravated identity theft.

According to the 2011 indictment, which was released Monday, Seleznev’s operation accessed computers and installed malware that identified and stole credit-card information.

Seleznev is accused of renting and operating servers located all around the world, in such places as Ukraine and Russia, to break into the computers.

The indictment states that Seleznev and his associates would then sell the numbers in online forums for cybercriminals charging $20 to $30 for the majority of the stolen numbers.

The Secret Service’s Seattle office was alerted to the thefts in November 2010, when customers at the former Broadway Grill on Capitol Hill complained of fraudulent charges on their cards, according to Secret Service agent Bob Kierstead.

Two Seattle Police Department detectives aided the Secret Service Electronic Crimes Task Force in the investigation, Kierstead said.

“The attacks were very sophisticated. You’re dealing with skilled hackers,” Kierstead said. “But they left signatures, or the equivalent of electronic fingerprints, that helped us track them.”

Investigators were able to identify Seleznev as a suspect within two to three months, Kierstead said.

“What took a painstaking amount of effort and time on our part after identifying him was actually tracking him down to make an arrest,” Kierstead said.

The indictment estimates that revenues from the scheme exceeded $2 million for Seleznev and his associates through the sale of more than 140,000 credit-card numbers.

“The bank and credit-card industry is going to take the financial loss in these situations,” Kierstead said. “As long as the card holders reported it after it happened they should get their money back.”

The indictment estimated loss to financial institutions that issued the hacked cards exceeded $1.7 million.

“As we rely on our credit cards more and more,” Kierstead said, “we become vulnerable for these types of attacks and need to work to make sure we are protected. But in the end no system is perfect; these really skilled hackers can find a way in.”

Photo: StormKatt via Flickr

Interested in national news? Sign up for our daily email newsletter!