Unauthorized bank ATM withdrawals - London/Panama
April 14, 2015
Digital Forensics Investigation, Cyber Incident Response, Forensic Imaging, Computer Forensics Investigation
Envista Forensics was hired by a leading international loss adjusting firm representing a credit card processing facility to investigate the cause of $1.2M in unauthorized international ATM withdrawals. The withdrawals, which occurred in London, England, were not authorized by the bank holding the account and occurred over the course of a weekend at multiple ATM locations throughout the world.
Envista was retained by our client to provide a technical investigation of the authorization process between the bank and the centralized credit card transaction facility, in order to identify pertinent information regarding the transaction. We were also asked to verify if the unauthorized withdrawals were caused as a result of malicious activity occurring within the credit card transaction facility.
Envista's digital forensics experts focused on the credit card authorization process that was established between the bank and the credit card transaction facility whenever transactions occurred. During this time, our experts were able to confirm that only the account being investigated had experienced this malicious activity. Moreover, our team reviewed the banking process where the credit card data was setup for transmission to the credit card processing facility.
Based on this investigation, Envista experts concluded that there was no data to support that the processing of the ATM transactions were malicious. Instead, we saw multiple errors occurring at both the bank and the credit card processing facility. Both systems had been established for a long period of time according to examined records and change logs. As such, the claim was denied as these multiple errors represented pre-existing conditions and could be contributed to maliciously written software/activity which was the only covered peril under the insurance policy.