Hackers Charged in RBS WorldPay Breach | eWeek
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Hackers Charged in RBS WorldPay Breach

Written By
Brian Prince
Brian Prince
Nov 10, 2009
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

A U.S. grand jury has indicted eight people in connection with the theft of more than $9 million from over 2,100 ATMs in at least 280 cities around the world.

The indictment accuses Viktor Pleshchuk, 28, of St. Petersburg, Russia; Sergei Tsurikov, 25, of Tallinn, Estonia; Oleg Covelin, 28, of Chisinau, Moldova; and an unidentified individual of a variety of conspiracy and fraud charges. In addition, Igor Grudijev, 31, Ronald Tsoi, 31, Evelin Tsoi, 20, and Mihhail Jevgenov, 33, all of Tallinn, Estonia, were indicted on charges of access device fraud.

According to authorities, the group broke into a computer system at RBS WorldPay, the payment-processing division of Royal Bank of Scotland Group. Once inside, the cyber-thieves reputedly cloned prepaid ATM cards and used them to swipe the loot last November.

“This investigation has broken the back of one of the most sophisticated computer hacking rings in the world,” said acting United States Attorney Sally Quillian Yates in a statement. “This success would not have been possible without the efforts of the victim, and unprecedented cooperation from various law enforcement agencies worldwide.”

According to the indictment, the group compromised the data encryption that was used by RBS WorldPay to protect customer data on payroll debit cards. Once the encryption on the card processing system was broken, some of the defendants allegedly raised the account limits on compromised accounts and gave 44 counterfeit payroll debit cards to a network of “cashers” to steal the $9 million. The funds were taken from ATMs across the world, including the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada.

Underscoring thecoordination of the attack, the $9 million was stolen in less than 12 hours. According to the feds, the hackers used the cashers to transmit the bulk of the money back to the group via WebMoney accounts and Western Union. The cashers were allowed to keep 30 to 50 percent of the stolen funds.

Throughout the duration of the theft, the masterminds monitored the ATM withdrawals in real time from within the computer systems of RBS WorldPay, authorities said. Once the withdrawals were completed, the group tried to cover their tracks on the RBS WorldPay network by destroying and attempting to destroy data.

The indictment seeks forfeiture of more than $9.4 million of proceeds of the crimes from the defendants.
Brian Prince
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information