Hackers targeted Maxima customer accounts – as if they hadn’t scanned money anywhere

Seen by accident

Artūras, who lives in Vilnius, said that his wife had recently downloaded Maxima’s “Thank you” app to the phone. It includes a virtual “Thank You” card, which could be linked to a bank payment card and, as you said, would save a lot of time when paying at the store.

According to him, such a service was very convenient, but by chance he suddenly noticed strange payments.

“I accidentally opened my bank account, his statement, and noticed that four purchases had been made. They were all made one after another.

The first purchase amounted to 1.72 euros, the second to 17 euros, the third to 73 euros, the fourth to 93 euros. There was a note for which the Maxima application was paid.

Spending 200 Eur on Maxima is something to do, so my wives asked me what I bought. Then I remembered that my family and I were in Trakai that day and we didn’t visit the store at all, ”the man said in surprise.

According to Arthur’s wife, when she entered the application on the phone, she found the modified data: mail, phone number.

“We immediately blocked the bank card. When I contacted Swedbank, they told me it was probably a robbery,” he said.

Artūras assured him that he had immediately contacted the sales network, whose specialists had been informed about a possible hack of the company’s application.

“They told me we were to blame and we possibly use the same login codes here and on other accounts, so third parties may have learned them from another account and then hacked into the ‘Thank you’ account,” he said, but he added that it just couldn’t happen.

According to him, they and his wife are extremely careful and never use the same passwords. As stated, and in this case, a completely different password was devised for the account.

Arthur said he had referred the situation to the police, but had no further information.

“You know, if hackers had bought food for about 30 Eur, we would not have noticed it,” he laughed and assured him that he did not think much about the money stolen from the bank card, but more importantly, What is here is everything the rest.

“It is much more important to me that this information is known by other people who also have their cards linked to thank you accounts. After all, there are thousands,” said the man who wanted to warn others.

I tried logging into 500 accounts

Delfi contacted representatives of Maxima. Ernesta Dapkienė, director of the department of communication and image of the company, assured to know these cases.

“As soon as we notice suspicious logins on our customers’ thank you accounts, we take steps to prevent any malicious use of your thank you account, using potentially illegally obtained logins.

We have informed all customers recommending that passwords be changed. “We also removed ‘Thank you’ account logins and bank cards added to mobile apps for those customers who were in the risk zone,” he said.

As assured, it was observed that among the usernames checked for scam when trying to log in, there were a number of those that are not registered at all THANKS to the users of the Loyalty Program, which, as emphasized, leads to the conclusion that usernames and passwords collected from third parties.

“This data could have been misappropriated from any other website or system that uses the same logins as the” Thank you “account.

The login details were misappropriated from third parties that are not related to Maxima, said E. Dapkienė.

She said that in total, the “Thank you” accounts have more than 650 thousand. population, and the scammers attempted to connect to 500 accounts, 37 of which had a mobile app and debit card interface.

“It was only when we noticed the non-standard logins that we removed the attached bank cards and password for each account in the risk pool,” he said.

A pre-trial investigation is currently underway into potential illegal payment cases, as reported.

“These cases and the person who committed the illicit act were quickly identified. We work closely with the police and provide all the information necessary to conduct an investigation.

The economic damage caused to customers has already been compensated ”, he commented.

Conduct a pretrial investigation.

Laura Grondskė, Chief Specialist of the Lithuanian Police Communication Division, said that currently Kaunas County. LSC officials take immediate action in the pre-trial investigation.

“Information is collected on suspects and victims, so the disclosure of information about the initiated and ongoing investigation may damage the results of the investigation.

More information Kaunas aps. The LSC will be able to provide next week ”, said the specialist.