Hancock Fabrics Linked to Fraud in 3 States

CA, WI and MO Investigators Say Recent Thefts Tied to Retailer's Transactions
Hancock Fabrics Linked to Fraud in 3 States
Bank customers in California, Wisconsin and Missouri are reporting fraudulent ATM withdrawals that police say are tied to transactions conducted with the Hancock Fabrics retail chain.

In California, Napa Police Department spokesman Brian McGovern says 60 residents reported their cards being used by thieves. In one case, a Napa resident reported $840 in cash withdrawals. The Hancock Fabrics store on Imola Avenue in Napa was the "common thread" among the numerous people who reported credit and debit card fraud. McGovern says the store had recently replaced its point-of-sale machines.

At about the same time, as many as 70 Wisconsin victims reported suspicious ATM withdrawals from their accounts, according to Wood and Portage county law enforcement, which also ties the thefts to machines in Hancock Fabrics stores.

And in Missouri, at least 10 customers at Hancock Fabrics in the St. Louis area reported their debit card numbers and pin numbers stolen during the week of November 9.

Hancock Fabrics (HFKI) is a Baldwyn, MS-based fabrics and sewing supplies retailer, operating 264 retail stores in 37 states. Hancock so far as not responded to repeated calls inquiring about these breaches and their possible link to the retailer.

California Crimes
Charter Oak Bank in California had four customers report money missing from their accounts, says Tom Ragusa, vice president and compliance officer.

Losses from the four customers are under $10,000, Ragusa says, and the bank has issued the new cards to the customers. The bank has also contracted with its core service provider, Jack Henry, to put in new measures on transactions, including IP address restrictions. The bank also will hold a fraud presentation for its cash management customers to educate them about these threats and other types of fraud.

"We're monitoring our customers' accounts, and time will tell how many more will be affected," he says. "Some customers don't look at their statements, so we don't know until they come forward."

The Napa Police Department has also received information from the Sacramento County Sheriff's Department of tampering in at least five card swipe machines at other Hancock Fabric locations, McGovern says.

Wisconsin Spree
In Wisconsin, the cash withdrawals came over several days from the Milwaukee area in mid-October from customers who made purchases at Hancock Fabrics stores in August and September, says Portage Sheriff's Department Detective Gary Koehmstedt.

He estimates the total loss is in the $40,000 range. It appears that the thefts are related to ones that occurred in Napa and in Sacramento over the same weekend, Koehmstedt notes.

Missouri Thefts
In Missouri, local news reports say theft cases are being investigated in O'Fallon, Chesterfield, Richmond Heights, Des Peres, Town and Country, St. Charles, St. Peters, and St. Louis. All the customers who reported money missing shopped at Hancock Fabrics, according to reports.

Local law enforcement agents say the common denominator in all of these reported scams is Hancock Fabrics. Investigators believe the previous credit card readers at the stores may have been capturing account and pin numbers. At least $3,000 was taken from two of the customers' bank accounts, according to police reports.

Another in a Line of Breaches
This year's most noted breach is Heartland Payment Systems, which reportedly involves 130 million compromised accounts.

Other companies have been breached and credit card and debit card information taken, such as this summer's announcement by the Radisson hotel chain that a breach had occurred, and an undetermined amount of data was taken.

The Payment Card Industry Security Standards Council released a resource this past summer to help merchants and other companies to better recognize and understand the inherent vulnerabilities in the use of point of sale terminals and terminal infrastructure.


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.