Hacker Caught in RBS WorldPay Breach

It was reported in March that the Russian authorities arrested Viktor Pleshchuk, of St. Petersburg, and others as the mastermind s behind the $9.5 million ATM heist of RBS WorldPay, based in Atlanta.

RBS WorldPay, the payment-processing arm of the Royal Bank of Scotland, provides a multitude of electronic payment processing services, including debit card transactions, electronic benefits transfer payments (EBT), gift cards, customer-loyalty cards, prepaid cards, credit card and ATM-processing services. RBS WorldPay discovered in November 2008 that it’s system had been breached. The breach involved access to 100 payroll cards and obtained the Social Security numbers of over a million account holders.

The 16-count indictment charges that the four hackers "compromised the data encryption" that RBS WorldPay used on payroll debit cards to raise the amount of funds available on the cards, as well as withdrawal limits. Payroll debit cards are used by employers to pay employees instead of checks. In some cases the hackers raised the limits to $500,000.

According to the indictment, Tsurikov conducted reconnaissance of the RBS network after Covelin provided him with information about vulnerabilities in the system. Pleshchuk and Covelin then worked on exploiting the vulnerabilities to obtain access on November 4. Pleschuk allegedly developed the method for reverse-engineering the encrypted PINs.

Once the hackers raised the account limits, they provided an army of cashers with 44 cards embedded with the account details for a coordinated, simultaneous attack on ATMs around the world. On November 8, 2008, the cashers were instructed to begin siphoning money, and they hit more than 2,000 ATMs in less than 12 hours, netting about $9.5 million.

Sheller, P.C. has a suit filed against RBS WorldPay for this breach. If you or someone you know has been affected by this breach, please contact Sheller, P.C.