Seven sentenced for skimming 175 Chicago-area restaurant customers’ credit and debit cards

 Breach Incidents, Business Sector, Insider, Skimmers, U.S.  Comments Off
Apr 172013
 

Sven defendants who illegally obtained personal banking information from patrons visiting Chicago area restaurants and attractions, including Wrigley Field and the Magnificent Mile’s RL Restaurant were sentenced today.

Defendants Joseph Woods, Britain E. Woods, Alex Houston, Jenette Farrar, Essence S. Houston, Kenyetta Davis and William Washington pled guilty and were sentenced for “skimming” personal banking information, which was used to make purchases of more than $200,000. The banking and credit card account information was stolen from customers who patronized Chicago area establishments, including Wrigley Field, RL Restaurant, a Chicago Taco Bell location and a McDonald’s restaurant in Berwyn.

Joseph Woods organized the scheme by paying the defendants, who were employees at the various establishments, to skim credit card information of paying customers using a small credit card reader provided to them by Woods and Washington. The employees swiped approximately 175 cards through the readers, enabling Woods to reproduce counterfeit credit cards and allowing Woods, Washington and Alex Houston to rack up thousands of dollars in charges.

“This case shows how prevalent identity theft is in everyday transactions,” Madigan said. “It should serve as a reminder to regularly check your credit card bills and financial statements for any unauthorized charges or debits, and report any suspicious activity before any significant damage can be done.”

The Attorney General said the seven defendants, all of Chicago, pled guilty and were sentenced in Cook County Criminal Court:

  • Joseph Woods, 33, pled guilty to Continuing a Financial Crimes Enterprise, a Class 1 felony, and was sentenced to five years in prison;
  • William Washington, 31, pled guilty to Continuing a Financial Crimes Enterprise, a Class 1 felony, and was sentenced to six years in prison;
  • Alex Houston, 23, pled guilty to Financial Institution Fraud, a Class 3 felony, and was sentenced to three years in prison;
  • Britain Woods, 34, pled guilty to Financial Institution Fraud, a Class 3 felony, and served two and a half months in jail;
  • Farrar, 35, pled guilty to Financial Institution Fraud, a Class 3 felony, and was sentenced to two years of felony probation; and
  • Essence Houston, 29, pled guilty to Financial Institution Fraud, a Class 3 felony, and was sentenced to two years felony probation; and
  • Kenyetta Davis, 33, pled guilty to Identity Theft, a Class 2 felony, and was sentenced to two years felony probation.

Madigan said financial institutions with accounts that were compromised in the scheme include Chase, U.S. Bank, Citibank, Harris Bank, American Express, Bank of America and Fifth Third Bank. The banks assisted in the investigation and notified victims to secure their personal information.

Madigan said identity theft is a significant threat to Illinois consumers. Last year, more than 2,500 identity theft complaints were filed with her office’s Consumer Fraud Bureau. Consumers reported incidents of fraudulent charges on their existing accounts, thieves opening new accounts in their names (including credit card, utility and cell phone accounts) and instances of bank fraud, such as stolen checks or fraudulent withdrawals made to a victim’s bank account.

Madigan urged consumers to contact her Identity Theft Hotline, (866) 999-5630 or TTY (877) 844-5461, for one-on-one assistance to report suspected incidents of identity theft to local law enforcement and financial institutions and for help repairing their credit and protecting their personal information.

The case was investigated by the U.S. Secret Service and referred to Madigan’s office for prosecution. Assistant Attorneys General Anshuman Vaidya and Robin Murphy handled the cases for Madigan’s Financial Crimes Bureau.

SOURCE: Attorney General Lisa Madigan

Steakhouse Data-Theft Leader Gets As Much as 13 1/2 Years

 Breach Incidents, Business Sector, ID Theft, Insider, Skimmers, U.S.  Comments Off
Mar 142013
 

Just to follow-up on previously reported breaches:

The leader of a ring of waiters who copied customer credit cards at New York steakhouses including Smith & Wollensky and the Capital Grille so accomplices could buy luxury goods was ordered to go to prison for as long as 13 1/2 years.

Luis “Damian” Jacas, 42, oversaw a network of servers at restaurants including Café Boulud and Wolfgang’s Steakhouse, prosecutors said.

Read more on Bloomberg BusinessWeek

NYC: 7 Indicted In Credit Card Fraud Scheme At Midtown Parking Garage

 Breach Incidents, Skimmers  Comments Off
Dec 062012
 

CBS News reports:

Seven people were indicted Wednesday on charges of stealing credit card information from customers at the Midtown parking garage.

The defendants were accused of using credit card-skimming devices to steal account information from the Eastway Tenant Parking Garage on West 49th Street, and creating counterfeit cards to buy Apple products at the B&H Photo and Video Store, on Ninth Avenue, between September and November 2011.

They were charged in a 165-count indictment with conspiracy, grand larceny, identity theft, criminal possession of a forged instrument, criminal possession of stolen property, and scheme to defraud.

The Manhattan District Attorney’s Office said Eastway garage parking attendant Chinoy Shaw, 27, used a small electronic skimmer to record unsuspecting customers’ credit card information from the cards’ magnetic stripes. More than 50 customers had their identities stolen, prosecutors said.

Read more on CBS. D.A. Vance’s press release can be found here and it mentions other garages and skimming incidents in NYC parking garages.

Ca: More charges in TTC Metropass, credit-card fraud scheme

 ID Theft, Non-U.S., Skimmers  Comments Off
Nov 122012
 

Chris Doucette reports:

Five men arrested earlier this fall for a major fraud scheme involving TTC Metropasses have been slapped with 69 new charges for allegedly stealing data from tens of thousands of credit cards.

Toronto Police said the investigation, dubbed Project Rocket, has continued since the accused were arrested Sept. 27 on 33 charges.

The bulk of the new charges have been levelled at one member of the alleged criminal organization.

[...]

“Investigators uncovered a multitude of files containing credit card data associated to some 30,700 individuals,” Nichol said.

When Ramasamy and the other men were busted, police claimed they had been using altered point-of-sale terminals to swipe credit-card information and create counterfeit cards, which the group then allegedly used for several months to buy Metropasses from TTC vending machines.

Read more on Toronto Sun.

Barnes & Noble discloses breach involving pin pads at dozens of stores (update2)

 Breach Incidents, Business Sector, Of Note, Skimmers, U.S.  2 Responses »
Oct 242012
 

Remember when Michael’s Stores found that pin pads in some stores had been replaced?  It looks like the same thing has happened to bookseller Barnes & Noble’s brick and mortar stores.  According to the New York Times,  the firm discovered the breach on September 14. As of now, it appears that pads at 63 stores were tampered with in the following states: California, Connecticut, Florida, New York, New Jersey, Rhode Island, Massachusetts, Illinois, and Pennsylvania. There have reportedly been some claims of fraudulent use of card numbers associated with the breach.

So when will B&N send notifications to consumers – or won’t they? They did notify card issuers, and if all B&N has is name and card number, they may leave it to the card issuers to  notify customers. The chain does suggest changing your PIN number, but doesn’t indicate how far back this breach might go. They do say that most fraudulent charges occurred in September.

Although the breach was detected on September 14, initial disclosure was delayed so as not to interfere with the government investigation.  That’s understandable and permissible, but consider this:

The company has received two letters from the United States attorney’s office for the Southern District of New York that said it did not have to report the attacks to its customers during the investigation, according to the official. At least one of the letters said that the company could wait until Dec. 24 to tell the customers.

Where did the USAO get that December 24th date? Were they asked specifically if they could delay that long so as not to interfere with holiday sales, or was the USAO guestimating how long the investigation would take or….?

There is no notice on B&N’s web site at the time of this posting.

Update 1:  Their notification and press release are now up on California AG’s web site.  I suspect media coverage resulted in the customer notification letter which is dated today.

Update 2: And now CT’s AG Jepsen has opened an investigation.

Image credit: Barnes & Noble by phototakeouterBX/Flickr.

FL: Auto part store investigating credit card fraud

 Breach Incidents, Business Sector, Skimmers  Comments Off
Oct 202012
 

WSVN reports:

An auto parts company is investigating potential incidents of credit card skimming at two of its South Florida stores.

Advance Auto Parts on Northwest 14th Street and 27th Avenue and the store on Northeast 119th Street and Biscayne Boulevard, are believed to have been affected, potentially compromising the credit card information of nearly 500 customers.

A spokesperson for the company releasing a statement: “Advance has no evidence that any customers’ payment cards have been misused as a result of this incident. Nevertheless, Advance has notified its payment card processors. As an additional precautionary measure, the company is sending letters to potentially affected customers whom it has been able to identify.”

So… how did they discover the skimmers? On their own or were they alerted by customers? And what are the odds that skimmers were installed but the data not misused?

 Older Entries