The Huntsville Item, Huntsville, TX

Local News

July 16, 2011

Not yet into the clear

Viruses in Margarita’s point of sale computers source of debit, credit account theft; no evidence of inside job

HUNTSVILLE — Police may never find the culprits who stole or illegally used the debit and credit card numbers of Huntsville residents this spring, and, they warn, just because your accounts haven’t been hacked yet doesn’t mean they’re safe.

If you used a credit or debit card at Margarita’s restaurant over the past three months, a virus might have culled your information before it could be encrypted and then sold to underground markets, Huntsville police said.

At least 200 people over the past two weeks have reported incidents of stolen bank account information, and authorities said they suspect there are many more cases that have not been reported and many potential victims whose numbers have not yet been used by thieves.

During the investigation, authorities determined the common link between victims’ debit and credit card spending was the popular local restaurant, located off Interstate 45. Huntsville Police Chief Kevin Lunsford said several point of sale computers at Margarita’s were infected with viruses, but there is no evidence that the restaurant’s employees were at fault.

“They’ve done everything they can to help us with this investigation,” Lunsford said. “Margarita’s didn’t do anything wrong.”

Initially, police did not make public the name of the restaurant under investigation for fear of hurting its business. But, as the number of victims grew, investigators began asking victims if they had used their cards at Margarita’s.

It’s not clear what type of virus infected the restaurant’s computers, but the U.S. Secret Service determined the technology was sophisticated enough to steal account information before it was encrypted by the merchant system, according to Huntsville police.

The Item was unable to reach a Secret Service representative familiar with the investigation before press time.



Merchant services and PCI compliancy

Margarita’s uses Sterling Payment Services for processing credit and debit card transactions. Sterling requires all of its systems to be compliant with Payment Card Industry standards.

Standards for PCI compliancy, developed in 2006, require inspection of each network system for vulnerabilities and risks. While it is standard practice, merchant services are not required to be PCI compliant under federal law.

Margarita’s pays an annual fee to process electronic transactions within PCI standards, which includes a quarterly check for vulnerabilities in the network.

Restaurant manager Gary Sipp said the last inspection would have occurred within the past three months.

Staff can only use the restaurant’s computers to check out diners, he said.

“We can’t use the computers to search the web or anything,” he said. “They are dedicated for the point of sales system only.”

Margarita’s also updated its firewall protection in May, Sipp said.

Sterling provides services to nearly 1,200 restaurants, according to police. But only the few computers at Margarita’s in Huntsville were infected with the virus.

The complexity of credit and debit card information theft makes the search for offenders more difficult than finding a needle in a haystack, experts say.

Sam Houston State University computer science professor Andy Bennett said hackers use “key loggers” and “screen scrapers” within spyware and firewall protection to steal information. PCI compliancy is designed to prevent this.

“They work bugs into those programs that stay resonant on your computer,” Bennett said. “What they do is run in the background and start searching for information. Anything that looks like a credit card, it records and emails itself off.”

Bennett said this is common practice in places with relaxed penalties for these types of offenses — such as Russia, for example. Police have not ruled out the possibility of a culprit from overseas.



Victims of information theft

Reese Vaco, owner of Affordable PC Repair — specializing in security systems, data recovery and forensic analysis — is one of the victims of the virus. He was forced to order a new debit card when his account was breached recently. His wife, Tammy, an employee at the Texas Department of Criminal Justice administration office, said her bank account was hacked along with those of several of her coworkers after a dinner party at Margarita’s on July 1.

According to other victims who posted on The Item’s Facebook page, stolen credit and debit card numbers were used far from Walker County, in states like Florida, Georgia and locations overseas.

The underground credit card market in other countries is a reasonable explanation for why the reports of theft rose so rapidly, Vaco said.

Lots of stolen information are referred to as “dumps” in the underground market.

“I’ve seen 2,000 credit card dumps selling for 1,500 bucks,” Vaco said. “And they can have their choice (of card) if they want Visa, Mastercard, whatever they want.”

Police said it is possible that account information stolen from the restaurant could have been sold in bulk to underground markets. This means even people who have been unaffected so far could be victims in the future.

Police encourage everyone who used a debit card at Margarita’s as of April 1 to consult with his bank to see if ordering a new card is necessary. Banks are required by state law to inform customers when they have been breached, but not all banks are required to file a police report without a request.



Investigation progress

Since June 16, the Huntsville Police Department has received 85 reports of account information theft. Forty-nine of those reports involve use of cards between July 6-8, but official records do not show how many of them are related to the restaurant.

Lunsford and Lt. Curt Landrum estimate that more than 90 percent of the most recent victims used their debit cards at Margarita’s within a two-month span.

The Walker County Sheriff’s Office estimates that there have been nearly 100 reports within the past two weeks. The University Police Department received 11 similar reports as of July 7. UPD Chief Deputy James Fitch said late last week the department was still getting around five reports a day.

Even though the frequency of the reports has dwindled over the past week, police said they anticipate more reports this week. Lunsford said he did not want to speculate on the likelihood of finding the hackers, but acknowledged that if the virus came from overseas, it would add to the complexity of the investigation.

“If that’s the case, there is a whole new set of issues to deal with,” Lunsford said. “I think it’s too early in the investigation to try to determine the likelihood of an arrest. With all the local agencies working with the federal agencies, I think there is greater likelihood of finding them than if we weren’t all in it together.

“But at this point, it’s just too early to try to make a guess.”
