Casino Rollers Use Security Loophole to Steal Over $1 Million from Citigroup
Simultaneous use of advance cash kiosks fools Citigroup’s account reconciliation system
Fourteen people have been arrested and are now on trial for allegedly organizing a bank robbery and stealing more than $1 million dollars from Citigroup.
The scam targeted a loophole Citigroup’s account security protocols handles electronic payments and took advantage of their cash advance kiosks. The group organized multiple nearly identical cash requests from the kiosks, each within 60 seconds of each other. The system interpreted these multiple requests as identical withdrawals and treated them as duplicates of only a single withdrawal. With this technique, they were able to multiply their actual withdrawal by fourteen while only drawing one of those payments from the actual account.
Using this method, the group was able to steal more than $1 million, one $10,000 transaction at a time. Keeping each withdrawal amount under $10,000 allowed them to avoid federal transaction reporting requirements. After they acquired the money, the group used the stolen cash to gamble at the local casinos.
It has been reported that the Citigroup loophole has now been closed.
Original article by Dan Goodin.
Read the full story here.
Leave a comment
Some small organizations continue to use customer data to generate initial passwords, Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more
Risk isn’t the only thing to consider when planning a decision tree. Another one of t Read more
While we’re not a news service, we often use current events to comment on trends and Read more