Skip to main content

Exclusive: Indian card processor in $45 million heist is ElectraCard - sources

Two companies with major operations in India were the weak links that opened the door to a $45 million global cyber heist brought to light by U.S. authorities this week.

EnStage Inc, which operates from Bangalore, and ElectraCard Services, which is based in Pune, processed card payments for the two Middle Eastern banks that were hit in the theft, according to several people familiar with the situation.

U.S. prosecutors said on Thursday that hackers broke into two card processing companies, raising the balances and withdrawal limits on accounts that were then exploited in coordinated ATM withdrawals around the world.

The prosecutors did not name the two companies but said one was based in India and the other in the United States.

According to a U.S. official and a bank employee, who both spoke on condition of anonymity, ElectraCard Services was the company that processed prepaid travel cards for National Bank of Ras Al Khaimah PSC (RAKBANK). RAKBANK suffered a $5 million coordinated heist at ATMs around the world on December 21 last year, according to the U.S. indictment.

Ramesh Mengawade, the chief executive of ElectraCard Services and its parent company, Opus Software Solutions, could not be reached through his assistant or by email on Saturday. Calls to the mobile phone of another company official were not answered.

EnStage, which is incorporated in Cupertino, California, is the company that processed card payments for Bank of Muscat of Oman, according to a source close to Bank of Muscat. Bank of Muscat lost $40 million in a coordinated heist on February 19, according to Thursday's indictment.

Officials at enStage could not be reached on Saturday, either in Bangalore or in Cupertino. In a statement in the Times of India, Chief Executive Govind Setlur said the company has implemented security enhancements and monitoring since the theft.

"Our customers were adversely affected by this sophisticated crime," Setlur said in the statement. "We are deeply committed to information security, and we will continue to take all reasonable measures to ensure our networks are secured from criminal actors."

MORE WORK FOR BIG PROCESSORS?

Bank of Muscat has not commented on the case.

MasterCard, the network under which the cards used in the heist were issued, has said its security was not compromised. MasterCard bought a 12.5 percent stake in ElectraCard in 2010, ElectraCard has said.

Cyber security experts said the global scope and speed of the $45 million bank theft was unprecedented. The global gang had operatives in 27 countries who fanned out to thousands of ATMs in a matter of hours, withdrawing money using fraudulent prepaid debit cards, according to U.S. prosecutors.

The U.S. Justice Department gave details of the heist on Thursday in an indictment against eight men accused of being the New York cell of the organization. The department said seven of the men have been arrested.

The ringleaders of the global operation were believed to be outside the United States, but U.S. prosecutors have declined to give details, citing the continuing investigation. Germany is the only other country so far to announce arrests.

Eddie Schwartz, chief information security officer for RSA Inc, a firm that helps banks fight payment card fraud, said that it is not surprising that hackers would target banks that rely on Indian firms to process transactions.

_0">

Schwartz, who is based in Washington, said there is not as much government oversight in India as there is in the United States and Western Europe.

_1">

"Hackers view India as a target. It's got a fast-moving economy, a fast-moving IT infrastructure," Schwartz said.

_2">

Madeline Aufseeser, a senior analyst with Aite Group who follows payments processors, said she was relieved to learn that the case appeared to be limited to smaller processors.

_3">

"It looks like an isolated, very targeted incident," she said, noting that the major firms in the industry have highly sophisticated protocols to limit fraud damages.

_4">

The big players include First Data Corp, FIS, Galileo Mastercard Inc's Mastercard Integrated Processing Solutions, Tsys and Visa Inc's Visa Debit Processing Service.

_5">

Philip Philliou, managing partner of Philliou Partners LLC, a firm that helps banks and retailers select payment processors, predicted smaller processing firms will lose business as a result of this theft. Banks will decide they are not willing to assume the additional risk that comes with using smaller firms, he said.

_6">

(Additional reporting by Supantha Mukherjee in Bangalore; Writing by Eddie Evans; Editing by Eric Walsh)

_7">

Popular posts from this blog

Study Abroad USA, College of Charleston, Popular Courses, Alumni

Thinking for Study Abroad USA. School of Charleston, the wonderful grounds is situated in the actual middle of a verifiable city - Charleston. Get snatched up by the wonderful and customary engineering, beautiful pathways, or look at the advanced steel and glass building which houses the School of Business. The grounds additionally gives students simple admittance to a few major tech organizations like Amazon's CreateSpace, Google, TwitPic, and so on. The school offers students nearby as well as off-grounds convenience going from completely outfitted home lobbies to memorable homes. It is prepared to offer different types of assistance and facilities like clubs, associations, sporting exercises, support administrations, etc. To put it plainly, the school grounds is rising with energy and there will never be a dull second for students at the College of Charleston. Concentrate on Abroad USA is improving and remunerating for your future. The energetic grounds likewise houses various

Best MBA Online Colleges in the USA

“Opportunities never open, instead we create them for us”. Beginning with this amazing saying, let’s unbox today’s knowledge. Love Business and marketing? Want to make a high-paid career in business administration? Well, if yes, then mate, we have got you something amazing to do!   We all imagine an effortless future with a cozy house and a laptop. Well, well! You can make this happen. Today, with this guide, we will be exploring some of the top-notch online MBA universities and institutes in the USA. Let’s get started! Why learn Online MBA from the USA? Access to More Options This online era has given a second chance to children who want to reflect on their careers while managing their hectic schedules. In this, the internet has played a very crucial in rejuvenating schools, institutes, and colleges to give the best education to students across the globe. Graduating with Less Debt Regular classes from high reputed institutes often charge heavy tuition fees. However onl

Sickening moment maskless 'Karen' COUGHS in the face of grocery store customer, then claims she doesn't have to wear a mask because she 'isn't sick'

A woman was captured on camera following a customer through a supermarket as she coughs on her after claiming she does not need a mask because she is not sick.  Video of the incident, which has garnered hundreds of thousands of views on Twitter alone, allegedly took place in a Su per Saver in Lincoln, Nebraska according to Twitter user @davenewworld_2. In it, an unidentified woman was captured dramatically coughing as she smiles saying 'Excuse me! I'm coming through' in the direction of the customer recording her. Scroll down for video An unidentified woman was captured dramatically coughing as she smiles saying 'Excuse me! I'm coming through' in the direction of a woman recording her A woman was captured on camera following a customer as she coughs on her in a supermarket without a mask on claiming she does not need one because she is not sick @chaiteabugz #karen #covid #karens #karensgonewild #karensalert #masks we were just wearing a mask at the store. ¿ o