Paying with a card is considered a secure form of payment, but the truth is if you swipe your card or order online nowadays, you put your credit card and your financial security at potential risk. According to the Federal Reserve, in 2012, the estimated number of unauthorized transactions (third-party fraud) was 31.1 million instances, with a value of $6.1 billion.
Today’s hackers have the capability of stealing account numbers, PINs and other personal information and going on spending sprees at the expense of consumers and banks.
Here are some of the most diabolical credit card scams of all time.
1. TJX (TJ Maxx/Marshall’s/Home Goods)
Stolen: 40 million credit cards, resulting in about $1 billion stolen.
A security breach in December 2006 showed that 94 million customer credit cards had been exposed. Officials ended up apprehending legendary hacker Albert Gonzalez and sentencing him to 40 years in prison. He was working with 11 other hackers on the TJX system, which didn’t have any firewalls.
2. Best Western
Stolen: Guest credit card details over three months at the hotel chain’s 1,300 hotels, resulting in at least $4 billion stolen.
No one was caught in this heist that gave thieves the information they needed to tap the Best Western IT network and obtain credit card numbers, as well as addresses and phone numbers, the latter of which gave them the information they needed to steal identities.
Stolen: 70 million debit/credit cards affected and personal information, including addresses and phone numbers. Estimated cost to Target over $2 billion.
One of the largest data breaches on record, this hit just in time for the 2013 holiday shopping season. They initially reported that 40 million debit/credit cards were affected, but later said that the number was much higher. It was caused by a new, sophisticated malware.
4. Home Depot
Stolen: 56 million debit/credit cards exposed, Total cost: Still unknown
Caused by the same new variant of a particularly dangerous malware that affected Target, this security breach has caused a ripple affect across the U.S., with fraudulent charges popping up all over. The card numbers were sold on the black market, and the results are likely to be felt for a long time.
Stolen: 3 million customer debit/credit cards exposed
The attack on Michaels/Aaron Brothers was so insidious, that two independent security firms initially found nothing out of the ordinary when they investigated. It took weeks of searching for them to discover that the credit cards had been accessed with a sophisticated malware that the security firms hadn’t yet encountered.
This breach wasn’t the first for the company, which reported in 2011 that criminals had replaced PIN pads in stores across the country and stole 94,000 debit/credit card account numbers. The two men who stole the cards were arrested attempting to use 1,000 of the cards at ATMs to withdraw money.
Stolen: $200 million
One of the largest credit card scams to be charged by the US. Department of Justice, this elaborate fraud scheme involved criminals inventing 7,000 fake identities so that they could obtain thousands of credit cards and steal at least $200 million. Part of the plan even involved doctoring credit reports so that the thieves could get increased credit lines. The heist spanned many countries, but in 2013 a total of 13 people in the New York and New Jersey area were caught and arrested.
Stolen: 140 million customer credit cards exposed. It has cost the company at least $12 million in payments to credit card issuers.
7-11 uses the credit card processing company Heartland Financial Systems, and in 2009 the company’s system was breached because of a weakness in the IT security. The thieves cut through the company’s firewall with a SQL injection attack. What made this attack especially surprising was the fact that Heartland had recently been certified as having a secure payment card system.
Stolen: 40 million Visa/Mastercard accounts breached
This Arizona-based credit card processor may have been hacked internally, leading to leaked customer information across the globe. The company reported that hackers installed a virus script that created the exposure of some cards.
9. Anup Patel and his Counterfeit Credit Cards
Stolen: 20,000 credit/debit cards stolen to collect $3.2 million fraudulantly
When you look at the numbers, this caper pales in comparison, but the incredible thing about it is that it was masterminded by a UK computer science student, Anup Patel, who worked with a partner, Anthony Thomas. The duo used a complicated method of installing hidden cameras at gas stations, gathering information and making counterfeit cards that they used to withdraw money at ATMs around the world.
Patel is reported to have led the police to him by his late night phone calls to the police where he compared himself to the famous American con artist Frank Abagnale Jr., who was depicted in the film, “Catch Me If You Can,” starring Leonardo di Caprio.
Stolen: $45 million from debit cards at ATMS
After stealing information from databases of prepaid debit cards, a network of thieves used the information on plastic cards that they created to extract money from ATM machines in 26 countries. From February 10-20th, they took out $40 million in 36,000 transactions over a 10-hour period. The other $5 million was withdrawn on December 22. It is being considered one of the biggest cash heists ever. Eight thieves in New York were eventually indicted.
Julie Bawden-Davis is a widely published journalist specializing in personal finance and small business. She has written 10 books and more than 2,500 articles for a wide variety of national and international publications, including Parade.com, where she has a weekly column. In addition to contributing to SuperMoney, her work has appeared in publications such as American Express OPEN Forum, The Hartford and Forbes.