Nearly 500 people in Poland have lost significant amounts of money from their bank accounts, compromised by skimming attacks on ATMs across the country.
Polish authorities have launched an investigation into the well-organized criminal attempt, which has affected users of the teller machines of a major banking institution.
More than 2.2 million złoty drained from Santander accounts
Law enforcement agencies in Poland are now working to unravel a scheme to steal funds from bank accounts in some regions of the EU nation.
Nearly 200 reports of losses have been filed so far in two Polish provinces, the Kuyavian-Pomeranian and Greater Poland Voivodeships, triggering a major investigation by the District Prosecutor’s Office in the city of Bydgoszcz.
Most of the complaints, received between Saturday and Monday, were about unauthorized withdrawals from accounts of customers of Santander Bank Polska.
The Polish subsidiary of the Spanish multinational financial services company Banco Santander is the third-largest bank in the Central European country by both assets and outlets.
Officials believe that behind the theft is an organized crime group, which managed to draw 2.2 million Polish złoty (almost $604,000) out if the accounts of around 490 Santander clients.
The figures were made public on Tuesday by Agnieszka Adamska-Okońska, deputy head of the Bydgoszcz prosecutor’s office, and quoted by the Polish TVP3 channel. She noted the data is based on estimates provided by Santander. The bank said it’s still analyzing the reports.
ATM skimmers used to steal card data
Investigators are conducting their own thorough analysis. They suspect that the criminals obtained the bank card information needed to steal the money by utilizing so-called “skimming” devices.
Those were installed on ATMs used by the victims. At least two of the automated teller machines are located at Santander branches in Bydgoszcz, local media reported.
A “skimmer” is usually placed over or inside the card slot of an ATM to read and record information stored on the card’s magnetic stripe. The data is then used to create fake cards, and the clones are employed to withdraw cash or make purchases.
Marcin Zagórski, spokesperson for Poland’s Central Bureau for Combating Cybercrime (CBZC), commented on Tuesday:
“Everything indicates that we were dealing with a ‘skimming’ attack, meaning the skimming of payment card data and then using it to make unauthorized withdrawals from ATMs across the country.”
Zagórski remarked that so far there has been no information about affected account holders at other banks, besides Santander, but noted that the number of victims is still growing.
“We expect more, as more people continue to report losing funds,” said the CBZC official, adding that police are now trying to gather evidence, including surveillance footage from the ATM locations where the funds were withdrawn.
Meanwhile, prosecutors called on victims who haven’t reported their cases yet to do that at the nearest police station, urging Polish citizens to monitor their bank accounts for suspicious transactions.
Santander Bank refunds all established victims
Representatives of Santander Bank Polska said they were in close contact with law enforcement authorities while preparing to file an official criminal complaint.
The bank took measures to prevent further theft such as blocking all cards that were, or could have been affected by the skimming attempts.
Santander has already refunded customers who lost funds. In a statement, it acknowledged that several hundred account holders had been affected, noting the refunds were issued automatically.
The bank insisted the incident was of a regional nature and did not concern the overall integrity of its banking systems. It also noted that only ATMs have been involved, and not any contactless transactions.
If you’re reading this, you’re already ahead. Stay there with our newsletter.
