FBI gets involved in the Indiana bank security breach

This is a story that keeps getting more interesting…

I have been closely following the news that I blogged about last week regarding 1st Source bank of Indiana that fell victim to a pretty serious security breach. 1st Source ended up reissuing their entire credit card portfolio to their customer base.

The latest news is that other banks in the Indiana area are now reporting that their customers are reporting fraudulent transactions. The link is that all of these other bank customers used 1st Source ATM’s around the same time the breach happened. From the IHT article:

“Bank officials said the victims they know of appear to have all used 1st Source Bank ATMs during the first 10 days of May. James Seitz, 1st Source senior vice president, said officials from his bank met with officials from other financial institutions on Wednesday to discuss the situation.

“As we’re piecing this puzzle together, it appears that there may be a common thread,” Seitz said.

A security consulting firm alerted 1st Source about a computer breach on May 12. The bank shut down its computer system and contacted authorities. Two weeks ago, 1st Source sent letters to customers asking them to monitor their accounts for suspicious activity.”

I’m starting to suspect that the ATM’s themselves were compromised or the bank’s back end servers were compromised as well. From what I know about PIN storage, the PIN information in Track 2 data (this is the data that was reported stolen) on a credit/debit card does not have to be encrypted (however it can be, just not required by the ISO standard) so either a card “skimmer” device was used (physically attached to the outside of the ATM’s) or this Track 2 data was pulled off the wire perhaps using a network sniffer installed on the ATM’s. It could be similar to the Dave & Busters security breach that happened a few months ago. Whatever method was used, it was enough to replay this data to a bunch of fake ATM cards and start withdrawing cash and/or charging items from locations overseas. Hopefully the public gets to find out what really happened once 1st Source get’s their act together.

Leave a Comment

Your email address will not be published. Required fields are marked *