RBS WorldPay Hacker Extradicted to Atlanta
Via Office of Inadequate Security.
The U.S. Attorney’s Office for Northern Georgia issued a press release [.pdf] today announcing the extradition of Sergei Tsurikov, one of the alleged leaders of the Eastern European cybercrime group that hacked into RBS WorldPay in Atlanta in 2008. Tsurikov had been indicted in November 2009 on federal charges of conspiracy to commit wire fraud, wire fraud, conspiracy to commit computer fraud, computer fraud, and aggravated identity theft. Also indicted at the time were Viktor Pleschuk, 29, of St. Petersburg, Russia, Oleg Covelin, 29, of Chisinau, Moldova, and an unidentified individual. TIgor Grudijev, 32, Ronald Tsoi, 32, Evelin Tsoi, 21, and Mihhail Jevgenov, 34, each of Tallinn, Estonia, were indicted at the time on charges related to access device fraud.
According to United States Attorney Sally Q. Yates, the charges and other information presented in court, during November 2008, Pleschuk, Tsurikov, and Covelin allegedly obtained unauthorized access into the computer network of RBS WorldPay, the U.S. payment processing division of the Royal Bank of Scotland Group PLC, located in Atlanta. The processor is the fourth largest in the U.S. according to a recent statement by the bank.
The indictment alleges that the group used sophisticated hacking techniques to compromise the data encryption that was used by RBS WorldPay to protect customer data on payroll debit cards. Once the encryption on the card processing system was compromised, the hacking ring allegedly raised the account limits on compromised accounts, and then provided a network of “cashers” with 44 counterfeit payroll debit cards, which were used to withdraw more than $9 million from over 2,100 ATMs in at least 280 cities worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada. The $9 million loss occurred within a span of less than 12 hours.