An Israeli computer hacker arrested in Canada last year on charges of stealing some $1.5 million from Canadian banks may have coordinated the card-based thefts of more than $10 million from financial institutions in the United States, according to an affidavit by a Calgary Police Service investigator signed in September and released this week by Wired magazine. Ehud Tenenbaum, 29, is in custody in Canada awaiting a May 7 hearing on his extradition to the U.S. Darren Hafner, a detective in the Calgary Police Service's commercial crimes unit, supported Tenenbaum's extradition in his Sept. 22 affidavit in the Court of Queen's Bench of Alberta for the Judicial District of Calgary. Charges by U.S. prosecutors against Tenenbaum have been sealed. But the affidavit reveals broader details about the alleged extent of thefts on credit, debit and prepaid cards issued in the U.S. The affidavit says the U.S. Secret Service ties Tenenbaum to an international conspiracy in which hackers provided stolen card and account information to purchasers who created counterfeit cards. "Cashing crews" allegedly used the credit, debit and prepaid payroll cards to withdraw large amounts of cash from ATMs around the world. Two victims of those attacks were Ft. Worth, Texas-based OmniAmerican Bank and Irvine, Calif.-based Global Cash Card, according to the affidavit. "The approximate actual loss due to these two breaches is over $1 million. However, the potential loss could have exceeded $10 million to $15 million," Hafner says in the affidavit. In April and May 2008, the U.S. Secret Service began investigating network intrusions at two other institutions, South Bend, Ind.-based 1st Source Bank and Symmetrex Inc, a Maitland, Fla.-based transaction processor whose debit card funds are backed by Storm Lake, Iowa-based MetaBank.