Attempts to access illegally the accounts of UAE bank customers have continued from automated teller machines (ATMs) overseas after a recent security breach resulted in the release of personal account details, according to executives at three banks. A senior official of one bank confirmed that money had been stolen overseas from some local accounts. To combat the attempts, banks continue to urge customers to change their personal identification numbers (PINs). Some banks have resorted to closing the accounts of customers they believe could be vulnerable, while others have cut off all access to accounts from ATMs outside the country.
"It's a well-coordinated, well-organised fraud network," said Arup Mukhopadhyay, the executive vice president of retail banking at Abu Dhabi Commercial Bank. It remains unclear exactly how many customers may have had details of their cards stolen. One senior executive at a major bank said it had confirmed 58 cases of fraudulent withdrawals from overseas. Most of the country's banks have sent advisories to tens of thousands of customers, telling them to change their PINs. Banks have faced a daunting public relations and security problem as they tried to alert customers without creating panic.
At times, their efforts have been confusing and uncoordinated, while the Central Bank of the UAE, which oversees the industry, has remained silent. Some ATMs have been plagued by queues of customers seeking to change their accounts. Some banks have made statements that they were not affected, only to later send messages to customers warning them they should immediately change their PINs. Bankers said yesterday they were still unsure precisely where the security breach occurred, who was behind it and how exactly they gained access to the information. They said they were working closely with Visa and MasterCard, which run the world's two largest card networks, to investigate the breach.
Michael Miebach, the managing director for Barclays in the Middle East, said the networks had led the way in the investigation. Some bankers expressed frustration that the central bank had not played a bigger role in co-ordinating an industry-wide public response to the problem. The bank has made no public statements, and according to several bankers has been equally quiet behind the scenes. "Clearly, if there had been strong leadership from the central bank right from the beginning, it would have stopped all the different approaches adopted by individual banks," said one senior banker.
"If we'd all done the same thing, the public would have been clearer as to what was going on, and probably more accepting of it." Central bank officials did not respond to repeated requests for comment. The bank has played a key role in dealing with past cases of ATM and credit card fraud. In 2003, the first major ATM fraud in the UAE was a case of "skimming", where criminals attached a card reader to an ATM that collected information from customers' cards.
The central bank, which was involved in the case virtually from the beginning, said "a gang of computer professionals" had been responsible for the skimming operation and promised to help banks return customers' money. * additional reporting by Asa Fitch mjalili@thenationl.ae hnaylor@thenational.ae
