Troubles at First Tech?

I’ve heard reports from a friend of mine that apparently 3000 First Tech Credit Union members were victims of an ATM scam. The gist of the scam is that someone had a scanner in the parking lot of the main branch ATM by Trader Joe’s in Bellevue and obtained the ATM codes there. The same reports state that First Tech members weren’t the only ones hacked. There’s a Washington Mutual branch right across the street and I wonder if some of their members were affected as well.

I’ve yet to find confirmed reports of this, (other than my friend’s first hand statement), but if you’re a First Tech member, you might want check your bank account balance and contact your local branch to see if you should get a new ATM card.

If anyone has more concrete information, post it in the comments.

5 Comments so far

  1. ryan (unregistered) on February 2nd, 2008 @ 8:17 pm

    I have a first tech account, and I got a letter yesterday informing me "Visa USA Fraud Control identified a data breach involving a retail merchant or their processor."

    I get a new ATM/check card soon. Lameo!


  2. Josh (unregistered) on February 3rd, 2008 @ 1:13 am

    If it were possible to get useful information out of an ATM by sitting near it with a scanner, there’d be a hell of a lot more fallout than 3000 customers at one bank. For one, it’d probably mean that 3DES had been broken.

    A skimmer seems more likely, but 3000 seems pretty high for one of those.


  3. Alan (unregistered) on February 3rd, 2008 @ 12:48 pm

    The fraudsters did not need to crack 3DES. The alert that I received indicated that concealed cameras were used to intercept the PINs. I was personally affected by this. My checking account was emptied last weekend.


  4. Melissa (unregistered) on February 15th, 2008 @ 5:04 pm

    I received an email to this effect from First Tech. Here’s the gist of it:

    "…A card skimming device was illegally attached to the First Tech Overlake Branch ATM…at 156th Ave NE…randomly between 10.01.07 and 11.28.07.

    ‘Skimming’ occurs when fraudsters attach card reading devices to machines, such as ATMs, that can scan card information. Then, the fraudsters use CAMERAS (emphasis mine-Melissa) to capture PINs. Using the skimmed information and captured PINs, fraudsters produce a duplicate card to make purchases and withdrawals.

    …We have identified that you used the Overlake Branch ATM during the identified timeframe and your card information may have been compromised. THIS INFORMATION DID NOT INCLUDE YOUR…MEMBER ACCOUNT NUMBER, SSN OR BIRTH DATE…you have no liability for any fraudulent transactions…if you report them within 60 days of the date you receive your monthly statement."

    They’re replacing my card and PIN #. They advise people to check for suspicious equipment on the machine, and to be aware of people around you and cover the keyboard when entering your pin. (I normally am careful when there are people around, but would never have thought of having to hide it from hidden cameras!)

    The interesting thing is, the ATM is INSIDE the little ‘airlock’ lobby, you have to swipe your card on an outside card-reader (which apparently responded to ANY magnetic strip, not just an ATM’s) in order to get IN to the ATM. Someone notes at http://www.thisdev.com/2008/02/fake-security-is-worse-than-no-security.html, that it’s likely someone installed the skimmer on the little OUTSIDE "fake security" reader, and that the perpetrator would’ve been able to access the lobby to install the camera that way.

    I guess the takeaway lesson is, a) Try a safe, non-debit card first if you come across one of those little "security swipers", such as a grocery card, b) Watch out for unrecognized ‘outies’ (vs. ‘innies’) on ATM’s and doors, and c) ALWAYS cover your PIN # when entering it.

    Some before and after skimmer pics are available at: http://mgeisler.net/images/skimming-before.jpg and http://mgeisler.net/images/skimming-after.jpg.

    It’s scary to think that I might not have even noticed such a thing: I normally consider myself "up" on all the latest frauds and scams.


  5. Patricia Eddy (unregistered) on February 15th, 2008 @ 5:10 pm

    Melissa,

    Wow, this is great information. I never would have noticed a device like that (or rather, I would have assumed it was supposed to be like that).

    As always, it appears you can never be too careful.



Terms of use | Privacy Policy | Content: Creative Commons | Site and Design © 2009 | Metroblogging ® and Metblogs ® are registered trademarks of Bode Media, Inc.