Citibank, the world's largest bank in terms of assets, notified the FBI in February that a Citibank server that processes ATM withdrawals at 7-Eleven Inc. convenience stores had been breached, according to documents obtained Wednesday by ATM&Debit News, a CardLine sister publication. Citibank identified all of the compromised account numbers, and according to a sworn affidavit by FBI Special Agent Albert Murray, bank officials said the compromised accounts were used to make fraudulent cards. Thieves then used the cards to make hundreds of ATM withdrawals all over New York City in February, according to the affidavit. On Feb. 20, for example, two withdrawals totaling $3,000 were made at a Brooklyn, N.Y., Citibank branch. Earlier that same day, at another Brooklyn branch of Citibank, the compromised account numbers were used to withdraw $5,000. Citibank notified the FBI after bank officials noticed something was amiss with ATM withdrawals in Brooklyn. In January, the New York City-based bank, which has 134 branches in the city, began limiting ATM withdrawals. At the time, Citibank officials, not realizing the complexity of the fraud, said criminals were "skimming" legitimate cardholders' debit card numbers. The thieves then manufactured fraudulent cards and illegally withdrew money from legitimate customer accounts.

Subscribe Now

Authoritative analysis and perspective for every segment of the payments industry

14-Day Free Trial

Authoritative analysis and perspective for every segment of the industry