A Florida-based financial services firm lost about $13 million due to a sophisticated and highly coordinated computer security breach last spring.
In its first quarter financial report, Fidelity National Information Services disclosed that 7,170 prepaid debit card accounts had potentially been compromised by hackers, leading to loss of approximately $13 million. The report contained few details, but said the situation had been remedied and federal investigators were engaged in the case.
After speaking to sources familiar with this investigation, computer security expert Brian Krebs reported the hackers apparently infiltrated the FIS computer system that governed the account balances on 22 prepaid cards. While hackers continually replenished the available balance on the cards, accomplices in a number of European countries, including Russia, Spain, Greece and Ukraine, used them to withdraw cash from ATMs.
Krebs compared the attack to a 2009 incident in which prepaid cards were used to obtain $9 million from a unit of the Royal Bank of Scotland. Prosecutors in that case alleged the masterminds were located in Estonia and Russia.
Eastern Europe has emerged as a global trouble spot for hacking. Ukrainian law enforcement agents recently arrested a number of individuals allegedly part of a cyber crime ring that used fake cards to steal about $20 million from U.S. banks.