Original URL: https://www.theregister.com/2008/09/12/uae_atm_hacking_attack/

Massive ATM fraud triggers Gulf banking jitters

Cash machine chaos

By John Leyden

Posted in Security, 12th September 2008 20:44 GMT

Banks across the United Arab Emirates are fighting to restore confidence in its banking system after hackers used counterfeit cards to withdraw funds from cash machines.

It's unclear how many customer accounts have hit by the attack much less how much money has been lost over the last three days, when the issue came to the fore. Local banks including Citibank, HSBC, Lloyds TSB, National Bank of Abu Dhabi and Emirates NBD have all issue statements, The Times reports.

The fact so many local bank are involved show that the problem is widespread. Fraudulent withdrawals both inside and outside the UAE have been recorded, Reuters adds.

A large number of banks have taken the highly unusual step of advising customers to change their PINs as a precaution. They are issuing text message alerts to customers on the issue while emphasizing that anti-fraud systems have the problem under control. Customers have been assured that they will be reimbursed for any losses.

Some banks have frozen the accounts of customers who have failed to change their PINs, causing chaos, UAE paper The National reports. Dubai Bank temporarily suspended international use of its ATM machines. It says only 42 customers were affected, all of whom have already been re-imbursed.

A statement from the National Bank of Abu Dhabi, which seems typical of those issued by the banks, can be found here.

Preliminary investigation suggest that hackers may have got their hands on card details and PINs after rigging cash machines with card skimmers. Other reports raise the dark spectre that bank's internal systems have been compromised. We'll know soon enough who is right.

First hand accounts from customers hit by the fraud are flooding into The Gulf Daily News. ®