The Washington Post reports on the latest case of credit card data “skimming,” an issue we’ve discussed before. “Skimmers” are devices that read and capture data off magnetic strips on credit cards, driver’s licenses, ATM cards. It isn’t hard to find the technology for credit- or debit-card skimming. Card readers are readily available from stores for a few hundred dollars.
In 2007, New York prosecutors charged 13 people with harvesting data from credit cards using skimmers. “[Waiters and waitresses] used small hand-held devices, about the size of a cigarette package that could be kept in a pocket, to record information encoded in the magnetic strips of credit cards.”
Bars and clubs have used off-the-shelf card readers to gather data from customers’ driver’s licenses or ID cards. In 2008, USA Today listed cases in California, Pennsylvania and other states where people were suspected of targeting gas pumps to surreptitiously gather data.
Now, the Post reports:
Three servers at the Cheesecake Factory restaurant on Wisconsin Avenue in the District allegedly stole credit card numbers from patrons as part of a scheme that racked up more than $117,000 in fraudulent charges between 2008 and last year, authorities say.
Investigators with the U.S. Secret Service allege the servers were working for a larger fraud ring and were using electronic devices to “skim” the credit card numbers of customers they served at the restaurant. The devices were handed off to others, and the stolen numbers were used to make fake credit cards and later used to buy gift cards and merchandise in the Washington area, according to court records in U.S. District Court in Alexandria.