Union Savings Bank (USB) representatives noticed that some of the debit cards issued by the financial institution were used to commit fraud that leveraged prepaid cards. They determined that the account information utilized by the fraudsters was stolen as a result of the Global Payments incident.
According to security journalist Brian Krebs, USB notified Visa after realizing that the private school's cafe where most of the cards were used was actually a Global Payments customer.
Shortly after, the bank was contacted by Tony Higgins, a fraud investigator who worked for Safeway Inc, a grocery store chain in Nevada and Southern California.
The institution learned from Higgins that the crooks purchased Safeway prepaid cards from the stores. On the magnetic stripes of these cards they encrypted account information from USB.
To make their trail hard to follow, they used them to purchase other prepaid cards with which they bought electronics and expensive products.
The investigator told Doug Fuller, USB’s chief risk officer, that the fraudsters were committing their crimes mostly in Las Vegas, but also in nearby states. He believed that they were actually from Los Angeles and San Diego, but came to Vegas to make use of the payment cards.
Apparently, around 1,000 Union Savings Bank debit accounts were compromised as a result of the Global Payments breach, the losses suffered by the organization totaling up to $75,000 (57,000 EUR), plus another $10,000 (7,600 EUR) which it spent on reissuing cards.
Higgins told the risk officer that the Bank of Oklahoma and Fulton Bank were also on the list of victims.
While Global Payments representatives hold on to their side of the story, claiming that no more than 1.5 million accounts have been compromised, others believe that more than 7 million card owners may be exposed.