For those of you who have been buried eTech this week or ignoring the news while planning you SXSW trip … you may have failed to notice the news coverage for recent ATM compromises.

Bruce Schneier is blogging about the “class break of Citibank ATM cards in Canada, the UK, and Russia” and the Danish ATM skimming issue.

Gartner has a great report summarizing this and the protective measures.

Citibank’s actions follow similar measures taken by other U.S. banks, which have reissued ATM cards after customers’ cards were compromised, allegedly through a retailer security breach. Gartner believes that these combined bank actions reflect the largest PIN theft to date — and point to a new wave of “PIN block” card fraud. Gartner believes the banking industry is less than halfway through this latest scam, which will continue to affect large numbers of cardholders.

In “PIN block” schemes, hackers break into retailer servers and steal PIN blocks that represent encrypted PIN data (which, along with card numbers, is sent to processors that execute PIN debit transactions). The thieves also steal terminal keys used to encrypt PINs. These keys are typically stored on retailers’ terminal controllers. Armed with the PIN block and terminal encryption key, the thieves can determine a cardholder’s PIN, then create counterfeit cards that enable them to withdraw cash at ATM machines. In this particular scam, the thieves probably also stole (likely from a retailer) magnetic-stripe data found on the back of ATM cards, which large banks typically validate.

This is why it’s important to always read your bank/credit card/debit card statement at least every month, if not weekly online. Fraud must be reported as quickly as possible to prevent consumer liability. Also, beware using “white label” ATMs as they may charge higher fees and do not always guarantee the same level of security as bank branded ATMs usually provide. Although after the Citibank incident, this may not be much.

Update: More information from C-Net News.

Update: The Consumeris has a great article with many more details about the decent hacks. Also, their prior article on ATM fraud w/ update. Many people are blaming OfficeMax, Wal-Mart, Sam’s Club, and Office Depot for the compromises but it’s still unknown whether it was a compromise at the retailers or the acruirers/processors themselves.

Advertisements