Credit card data stolen from hundreds of attendees at Boston conventions

Filed Under: Featured, Malware, Security threats

Many credit cardsThieves pinched the credit card data for hundreds of attendees of two conferences held in Boston, a city in the US state of Massachusetts, this past autumn.

The Boston Globe said on Wednesday that victims have reported fraudulent purchases made on their accounts around the US and overseas.

It's unclear how the thieves got the card numbers, although many victims said they used their credit cards in Boston restaurants and businesses - particularly in the Seaport District, where the Boston Convention & Exhibition Center that they were attending is located.

Georges Benjamin, executive director of the American Public Health Association, told the Boston Globe that this is the first time his group has experienced such a thing.

The group hosted 13,000 convention-goers in early November, out of which, so far, 100 have reported that fraud was carried out on their accounts.

In one case, a crook tried to make a $100,000 purchase on one of the accounts.

Another 200 people reported unauthorized charges after attending the annual conference of the American Society of Human Genetics, which hosted 8,000 attendees at the convention center in October.

The Boston businesses that could prove to be the weak spot have claimed that they're not the source of the breach.

For its part, the public authority that runs the convention center - Massachusetts Convention Center Authority (MCCA) - said that the data breach didn't happen inside the convention hall.

MCAA spokesman Mac Daniel said in a statement seen by the Boston Globe that the authority began investigating around Thanksgiving after having received complaints from the two conference groups and at this point has concluded that the breaches didn't happen at its facility:

After running internal checks and working with our customers, we found that no alleged theft occurred in any MCCA facility and appeared to occur at bars and restaurants across the city.

James E. Rooney, Executive Director of the MCCA, said in a statement that seven of its own employees were also victimized in the breach.

The general manager of a hotel connected to the convention center that hosted many attendees, the Westin Boston Waterfront Hotel, also told the Boston Globe that the breaches hadn't originated in its systems.

A spokeswoman for the Briar Group, which owns M.J. O'Connor's Restaurant as well as City Bar inside the Westin, told the Boston Globe that its security consultants hadn't detected any system problems and that the company complies with security standards as outlined by the payment card industry.

So, at the moment, it's unclear where the source of the data breach is.

Let's hope it turns up soon so no one else falls victim.

, , , , , , ,

You might like

6 Responses to Credit card data stolen from hundreds of attendees at Boston conventions

  1. Paul Baccas · 128 days ago

    When a waiter can wander off with your credit card what do you expect. Chip'n'pin needs implementing

  2. Anonymous · 128 days ago

    In cases like this, either they're missing something, or they can match up charges from the individuals from the breach to see what they have in common other than the conventions, then see if other non-convention goers with charges from the same places also have had problems. It could very well be that during conventions, some waiter at a nearby restaurant is skimming corporate card numbers when they're used as payment.

  3. john · 128 days ago

    This was skimming case so it may leave zero trace and MCCA could be telling lies. There are too many complaints for it to be coincidence.

  4. Tom · 128 days ago

    Given the number of cards numbers that were compromised, you'd think the card companies could zero in on the leak source pretty quickly.

  5. ScottK · 128 days ago

    Yeah, I'd be looking at surrounding businesses. I'm sure the inflow of card skimmers and convention-goers is directly related.

  6. Suzm · 128 days ago

    I work in the area and also had my credit card info stolen at the same time. I belong to a gym at a local hotel and have used my card in the area..have never been to the convention center or Westin. Maybe a coincidence, but I am suspicious.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.