Post navigation

Prev: (11/16/10) | Next: (11/17/10)

Secret Service adds more pieces to puzzle: Hill card breach happened October 22

The investigators responsible for sorting out the Capitol Hill credit card fraud wave have added another piece to the growing puzzle. The Secret Service tells KOMO  that the breach of a Capitol Hill restaurant’s computer system that gave thieves access to hundreds and perhaps more than one thousand accounts happened on a single day, October 22, and that they are targeting a specific overseas hacker.

We reported last week that an agent with the Secret Service’s Electronic Crime Task Force confirmed to KIRO that only a single Capitol Hill restaurant’s point of sale system had been breached.

CHS was first to report that personal and business accounts related to Capitol Hill’s Broadway Grill had been compromised along with accounts of a not-yet-known number of customers who ate and drank at the popular restaurant in recent months.

The KOMO story includes another wrinkle. Agent Bob Kierstead says that the task force is looking at fraudulent activity hitting another Pacific Northwest community that could be connected to this breach. KOMO was also the first news source to cover the wave when they reported that ‘100s’ of BECU customers had been hit by fraud.

We continue to tally daily SPD reports of fraud on the Hill and across the city since the wave first began to hit people’s accounts. The October 22 breach wasn’t felt in significant numbers until a few days later as the wave began to grow. And, of course, many of the incidents were reported to financial institutions but not to police. Here are the latest totals. Since October 24 when we began tracking the surge, there have been more than 400 reports of financial fraud in the city, more than 200 of those around Capitol Hill.

We have also pulled a plotting of the last 30 days of SPD fraud reports to give you a sense of the distribution across the city and the focus in the Capitol Hill area.

If you find fraudulent activity in your account, contact your financial provider then call the police non-emergency number at (206) 625-5011 and press 2, then press 8 to report your case.

Subscribe and support CHS Contributors -- $1/$5/$10 per month

15 Comments
Inline Feedbacks
View all comments
Obeythefist
Obeythefist
13 years ago

We were told by the person at Chase not to contact the police because, “they already know.”

Moxie
Moxie
13 years ago

It makes absolutely no sense that everyone who got hit ate at The Broadway Grill on 10/22. What is more believable is that the breach happened on 10/22 and they had been storing CC info in their systems. Can you please verify this information?

I ask because if they were storing CC data, it is pretty disturbing. They have no logical need to have customer’s cards on record for any length of time and if they did they have to clear it with their customers before doing in to be in compliance with CC industry standards.

I understand that they are victims and I feel for them, but my sympathy stops when it comes to irresponsible handling of customer data.

jseattle
jseattle
13 years ago

Questions about storage of data is something I’ve asked before but intend to ask again. Answer I’ve received is that agents couldn’t comment given status of investigation. But, as we’ve seen, they continue to roll back the layers of what they’ll talk about.

The situation being described at this point is a 10/22 breach that gave the hacker access to information on hundreds of accounts.

darcy
darcy
13 years ago

I had fraud , per my credit union, but had not eaten @ Broadway Grill since Gay Pride week, and I’m pretty sure my debit card had changed due to biannual expiration since then. I Suspect there was another location or two. Victrola? QFC? Places I use my card frequently

Morty
Morty
13 years ago

Sorry, that doesn’t work – both my BofA debit card and my Chase card were hacked. But I hadn’t used my Chase card since 9.7.10.
All this crap on heresay does nothing except hurt business on Broadway. If KOMO or KIRO reports it, is it supposed to be true?
Aren’t the banks reacting and taking care of this?

Pete
Pete
13 years ago

A friend of mine who was one of the victims of this fraud told me that he hadn’t eaten at Broadway Grill since April of this year. If the numbers were all stolen on the 22nd of October, how is it that they got his CC number? As Moxie points out it would appear that the system that Broadway Grill uses somehow stores the credit card numbers. If so, this is indeed most disturbing, and makes me wonder how common this practice is. How many of the credit card processing systems around the city have our CC numbers stored in them right now?

roycroft
roycroft
13 years ago

Fuck komo and Kiro. What about the Secret Service? The loyalty of the grill’s buddies is getting kind of ridiculous. It is obvious that they made some big mistakes. It is not the end of the world for them unless they make it the end of the world by continuing to whine about the situation they let happen.

JTContinental
JTContinental
13 years ago

I wonder about this, too, because I was hit, and I haven’t eaten at the Broadway Grill in months.

Christine
Christine
13 years ago

I wonder this too. We were hit by fraud in the same wave and the last time we ate at Broadway Grill was 12/25/2009 – nearly a year ago – so are credit card numbers stored this long or is there another business involved? There is more to this story.

seandr
seandr
13 years ago

There must have been another breach, as I was hit but haven’t been the Broadway Grill in years.

dianecorbin
dianecorbin
13 years ago

seems our card got hit in Seattle when we went to S.F. and used it at the airport – hmmmmmmmm????

Nickel
Nickel
13 years ago

Well websites such as google keep everything that we ever search and email sites check our messages for key words. It would be very easy to keep all of this information in a single database and that would make it easy to get hacked if the guy knows what he is doing. This is far more likely if it happened at the same restaurant before.

boz
boz
13 years ago

Ok, a little snark — do you listen to everything some anonymous corporate drone tells you over the phone?

april
april
13 years ago

Mine too! SFO, right before my card was deactivated by BECU.

A S
A S
13 years ago

“By the way, the Capitol Hill Chamber of Commerce is holding its monthly happy hour at the Broadway Grill on Thursday if you’re looking for an excuse to stop by and support the restaurant.”

Huh? Why should we support a restaurant that is storing its customers credit card numbers in a non-secure system, which led to theft and fraud? Yes they got hacked, but until they prove otherwise they’ll culpable in this action.