The FBI is investigating a massive, highly coordinated ATM scam involving cloned payment cards that used data stolen from Atlanta-based payment processor RBS WorldPay.
The attack, which occurred in November in several cities across the country including Atlanta, Chicago and Los Angeles, was well-coordinated, said Special Agent Steve Lazarus of the FBI's Atlanta field office.
"The people who did it are very computer savvy," he said.
He would not say how much money was stolen, but according to published reports, the criminal ring made off with $9 million. The thieves used stolen and cloned payroll debit cards and reloadable gift cards, Lazarus said. Payroll debit cards can be used by employers to pay employees.
Lazarus said the fraud ring involved a large number of people but declined to say how many.
The scam started when hackers broke into RBS WorldPay's computer system and worked with "cashers" who took actual cards to ATMs and withdrew money in timed, coordinated attacks, according to the FBI. The attacks, according to published reports, occurred in a short time period on Nov. 8.
RBS WorldPay, the U.S. payment processing arm of the Royal Bank of Scotland, reported on Dec. 23 that personal information of about 1.5 million pre-paid cardholders and other individuals was compromised when its computer system was hacked. The company said that actual fraud was committed on approximately 100 cards.
Another payment processor, Heartland Payment Systems Inc., disclosed in January that criminals broke into its processing system last year.