[Dataloss] OfficeMax at center of major data-security breach with debit cards

J Isherwood ish at dolphtech.com
Tue Feb 14 15:33:53 EST 2006


http://www.sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2006/02/14
/BUGGQH7QK21.DTL
(I Believe that this ties right into the message lyger sent 2 days ago,
quoted for reference down below)

Ish...

___________________________________________________________________
OfficeMax at center of major data-security breach with debit cards
- David Lazarus,  Tuesday, February 14, 2006

OfficeMax is the Northern California retailer at the heart of a major
data-security breach affecting as many as 200,000 consumers, banking and
law-enforcement sources confirmed Monday.

They also said investigators are exploring the possibility that the Russian
mob or another Eastern European crime syndicate is responsible for accessing
U.S. consumers' debit-card numbers and selling counterfeit cards on the
black market worldwide.

Bill Bonner, an OfficeMax spokesman, said that to the best of his knowledge,
no security breach had occurred at any of the Illinois company's Northern
California outlets.

"I just can't say that happened," he said.

Still, Bonner declined to comment on whether OfficeMax is cooperating with
the FBI and Secret Service on their investigation into the debit-card theft.

"I can't make any comment on any law-enforcement investigations," he said,
adding that "we're trying to be responsible and not create any kind of
panic."

Four well-placed sources in the banking industry said it's possible that
OfficeMax can't yet say with certainty that a breach occurred because it
often takes investigators time to piece together a hacker's electronic
trail.

But they said there's no doubt that OfficeMax has made its computer system
available to federal authorities for their investigation.

Special Agent Karen Ernst of the FBI's Sacramento office declined to discuss
details of the case.

"It's an ongoing investigation being worked jointly with other agencies,
including the Secret Service," she said.

Numerous banks have replaced customers' debit cards in recent weeks,
including Bank of America, Wells Fargo and Washington Mutual.

An executive at one leading bank told me he spoke with senior officials at
OfficeMax shortly after news of the security breach broke in this column
last week.

He said he was surprised by the bank's decision to remain silent on the
matter. "I warned them point blank that they have to get out in front of
this," the exec said.

It appears that a hacker penetrated the computer network of an OfficeMax
outlet in Sacramento last fall, sources said.

They said the hacker may have gained access to account information for as
many as 200,000 customers, potentially downloading people's names,
debit-card numbers and secret codes used to validate transactions.

Bank officials said bogus charges related to the incident have cropped up
throughout Europe and Asia. Many have originated in former Soviet bloc
countries.

This has raised investigators' suspicions that the Russian mafia or another
Eastern European crime syndicate is behind the OfficeMax breach, sources
said.

In September 2004, a senior FBI official, Steven Martinez, testified before
Congress that the bureau's Internet Crime Complaint Center, or IC3, had
noticed an increasing number of cyber crimes involving Eastern Europeans.

"The FBI, through the IC3, has observed a continuing increase in both volume
and potential impact of cyber crime with significant international
elements," he said.

"Identifying such trends, as well as formulating an aggressive and proactive
counterattack strategy, remains a fundamental objective of the FBI's Cyber
Division."

It's unclear when the OfficeMax hack actually occurred. Banking industry
sources say they believe authorities were made aware of the situation in
December.

But they acknowledge that consumers' personal info could have been
endangered well before this time.

Oakland resident Alicia Vagts, 34, illustrates this possibility. She
discovered in October that someone in Estonia was running up about $2,500 in
fraudulent charges on her Washington Mutual debit card.

"I barely knew where Estonia was," she said. (It's on the Baltic Sea, right
next to Russia.)

Asked if she ever shops at office-supply stores, Vagts said she was a
frequent customer of OfficeMax while attending law school in Sacramento.

"I was there all the time, buying things for school," she said.

A Washington Mutual spokesman said it's not yet known whether Vagts' case is
linked to the security breach now being probed by federal investigators or
was a separate incident.

He and other bank reps said financial institutions are being extra cautious
in this latest case, replacing debit cards not just for OfficeMax shoppers
but also for an unspecified number of other people who may never have
visited the retailer.

But OfficeMax is the common denominator for most consumers affected by the
security breach.

San Francisco resident John Wilson, 52, said he has no doubt why he got a
new card in the mail this week.

"OfficeMax is the only office-supply store I've gone to where I've used my
debit card for the past two years," he said.

This isn't the company's first brush with fraud in Northern California.

Last month, a former worker at the OfficeMax outlet in the Alameda Towne
Centre was arrested for allegedly using a customer's credit card number to
pay about $1,000 in cell-phone bills.

Sgt. Dennis Hart of the Alameda Police Department said the suspect, Oakland
resident Chantalle Adrianna Allen, 19, admitted the theft after being taken
into custody.

He said the card in question belonged to the Odd Fellows, a fraternal
organization. A member of the group had purchased office supplies at
OfficeMax in December.

David Lazarus' column appears Wednesdays, Fridays and Sundays. Send tips or
feedback to dlazarus at sfchronicle.com.

Page C - 1
URL:
http://sfgate.com/cgi-bin/article.cgi?file=/chronicle/archive/2006/02/14/BUG
GQH7QK21.DTL 


-----Original Message-----
From: dataloss-bounces at attrition.org [mailto:dataloss-bounces at attrition.org]
On Behalf Of lyger
Sent: Sunday, February 12, 2006 3:27 PM
To: dataloss at attrition.org
Subject: [Dataloss] A bit more about the stolen debit cards

(forwarded from another mail list)

Date: Sun, 12 Feb 2006 09:42:20 -0500
Subject: A bit more about the stolen debit cards

Web of intrigue widens in debit-card theft case

http://news.com.com/Web+of+intrigue+widens+in+debit-card+theft+case/2100-102
9_3-6038405.html?tag=nefd.top

After receiving a call from CNET News.com about the investigation into the
200,000 cancelled credit cards, a Wal-Mart media representative refused to
answer questions but called attention to a statement released by the company
on Dec. 2, 2005. In the statement, Wal-Mart acknowledged that credit cards
used by some customers who bought gas at the company's Sam's Club stations
between Sept. 21, 2005 and Oct. 2, 2005, were compromised. Many Sam's Clubs
also accept debit cards.

....

But the trail doesn't end with Wal-Mart, said sources close to the
investigation. As investigators began to look into the recent rash of
unauthorized charges, they found that a large number of people whose debit
cards were compromised had one thing in common: they previously had shopped
at office-supply chain OfficeMax, said a banking source familiar with the
case. Two law enforcement sources also said OfficeMax is part of the
investigation but did not provide details.

None of the sources, who requested anonymity due to the ongoing
investigation, knew for certain whether OfficeMax had suffered a security
breach.

"We have not suffered any security breach to our knowledge," said William
Bonner, an OfficeMax spokesman, on Friday.

According to one banking official close to the case, OfficeMax has been
queried by at least one financial institution about the matter.

"This is why we don't reveal the names to the public," said the banking
official who requested anonymity. "We're not sure which customers may have
been ripped off in the Wal-Mart deal or whether OfficeMax was the problem."



More information about the Dataloss mailing list