In an elaborate plan to hack into ATMs worldwide, four hackers were able to accrue $9.5 million in cash in a matter of hours. The hackers, Sergei Tsurikov, 25, of Tallinn, Estonia; Viktor Pleshchuk, 28, of St. Petersburg, Russia; Oleg Covelin, 28, of Chisinau, Moldova; and a fourth person identified only as “Hacker 3″ targeted the bank card processing company RBS WorldPay. By reverse engineering the PIN numbers assigned to payroll debit card accounts, the hackers were able to access millions of dollars and run.
RBS WorldPay, the payment-processing arm of the Royal Bank of Scotland, first noticed that they were hacked on November 10th. The hackers had actually gained access to sensitive information for 100 payroll cards and the social security numbers of about 1.1 million account holders on November 4th. Little did the company know that within 12 hours they would be out $9.5 million dollars. Once the hackers broken into the company’s accounts, they raised the amount of available funds on the cards, some withdrawal limits to as high as $500,000. After raising the limit, the hackers are described to have provided the account details to their “army of cashers,” around the world who hit more than 2,000 ATMs in less than 12 hours.
Tsurikov, Pleshchuk, Covelin and “Hacker 3″ face up to 20 years in prison for conspiracy, while Covelin is currently wanted by the NY government for cyber crimes committed earlier in the year.