You are viewing this article in the AnnArbor.com archives. For the latest breaking news and updates in Ann Arbor and the surrounding area, see MLive.com/ann-arbor
Posted on Wed, Jun 22, 2011 : 10:35 a.m.

Hackers steal credit card numbers from computers at Conor O'Neill's in Ann Arbor

By Cindy Heflin

Hackers broke into the computer system at Conor O’Neill's Traditional Irish Pub in Ann Arbor and stole customers’ credit and debit card information and then used it to make purchases in Texas, police said.

The popular Irish pub on South Main Street called Ann Arbor police after local banks contacted the business and said the restaurant was the common point of purchase for several people whose credit or debit card numbers had been stolen, police said.

The fraudulent purchases were made between April 22 and June 10, said Sgt. Pat Hughes with the Ann Arbor Police Department.

Police said the restaurant’s credit card processing computer was vulnerable to computer hackers, possibly from Europe, but the problem has since been fixed. The number of people whose information was compromised has not been determined, Hughes said.

“There’s some pretty sophisticated computer hackers out there,” Hughes said. “They steal credit card numbers and then sell them on the black market to other criminals.” It’s likely the buyers of the stolen credit card numbers who used them to make purchases, he said.

Bank of Ann Arbor and Michigan Credit Union customers were among those whose credit card information was stolen, Hughes said, but the local banks' systems were not hacked.

Police are continuing to investigate the fraud in the communities where the fraudulent purchases were made, Hughes said.

Caroline Kaganov, general manager at the bar, told WDIV in Detroit that she was taken aback by the crime.

"We're a small, local business and we just don't imagine being targeted," Kaganov told the TV station.

Comments

Nicole Young

Wed, Jul 6, 2011 : 12:27 p.m.

Did you hear about what happened at a local bar in Ann Arbor recently with someone's credit card info getting compromised? I don't expect that in a city like Ann Arbor!

SuperFreckleFace

Fri, Jun 24, 2011 : 1:03 p.m.

My card number was hacked and had $2917.32 charged on it all from Pearland and Houston, Texas. These thieves were so gutsy. . .what gets me is that one of their charges was $1.08 at a McDonalds. Seriously $1.08?

hotsauce_gm

Thu, Jun 23, 2011 : 11:06 p.m.

I Got a call from Visa fraud protection today. There were multiple charges attemted using my card number from Texas this morning, amounting to around $300. Luckily TCF cancelled my card for me on the 20th (right before the story broke on WDIV). Guess where I used my card at last Friday?

Rizzle

Thu, Jun 23, 2011 : 3:10 p.m.

Why isn't this story in the Crime section or more prominently displayed on the home page?

Trepang674

Thu, Jun 23, 2011 : 3:02 p.m.

Connor's is a local business with lots of out of towners making their way there...easy to case the joint and then head back to thier coffee shops in EU. I agree - cash is king. No need to feed the banks any more than they are getting from the Feds.

D

Thu, Jun 23, 2011 : 1:10 p.m.

I find it difficult to understand why these numbers were being stored on a restaurant's system. Once the bill is paid, and the minute that approved comes up it is paid, there is no reason at all to store them. How long had these numbers been stored locally? I also wonder if this is a highly truthful story, most cards stolen in a restaurant setting are done by staff at the restaurant. This has not even been mentioned. Lots of reasons to be concerned in my opinion, I will certainly not be eating at a restaurant that stores my card data, or who doesn't consider the possibility of staff fraud. No matter what the source, Conor O'Neills is exposed as possibly not taking prudent measures to deal with these possibilities.

A2comments

Thu, Jun 23, 2011 : 11:11 a.m.

They should not be storing credit card info. They are in violation of PCI standards.

DetroitJoe

Wed, Jun 22, 2011 : 8:58 p.m.

My card was canceled last Thursday after someone charged a $1250 order from a vintage instrument shop in Milan, Italy. This might explain it...

smokeblwr

Thu, Jun 23, 2011 : 2:24 a.m.

More people from OUT OF TOWN who aren't like us trying to take advantage....really makes you think....

Top Cat

Wed, Jun 22, 2011 : 8:54 p.m.

Fortunately I had no undue charges because of this but did have my card cancelled. I recall when I was there as I was fascinated by some guy playing the spoons on a Sunday night. That alone should have been an warning.

Oregon39_Michigan7

Wed, Jun 22, 2011 : 7:52 p.m.

Um, why does Conor O'Neil's store customers credit card numbers? Shouldn't they process the number for a payment and not keep it?

Thomas

Wed, Jun 22, 2011 : 7:18 p.m.

Cash is King!

Steve Pierce

Wed, Jun 22, 2011 : 6:45 p.m.

What software stores credit card info and why would that machine be connected to the Internet. Today almost none store credit card info, especially when used at a bar. or restaurant. If anything the credit card software wasn't the problem, it was the PC used to process cards was infected with Malware and that is how they got the info. - Steve

Sparty On!

Wed, Jun 22, 2011 : 6:38 p.m.

My credit card got cancelled last Saturday, but for suspicious activity in Miami, FL. $100 at Home Depot and $100 at a grocery store. Luckily 5/3 takes care of that and I don't have to pay anything. Definitely spent a lot of time in Conor's during the time period specified.

Davidian

Wed, Jun 22, 2011 : 6:36 p.m.

Really, really getting sick of hackers, the impotence of cyber-police, and the very weak penalties. This is literally ruining lives. The pressure needs to be turned up, WAY up.

nowayjose

Wed, Jun 22, 2011 : 6 p.m.

This was a good story yesterday when it was on channel 4. Way to get the scoop.

xmo

Wed, Jun 22, 2011 : 5:01 p.m.

Now, if the police could protect us from the criminals in Lansing and Washington who steal a lot more!

Veggie Burrito

Wed, Jun 22, 2011 : 5 p.m.

By personal sleuthery, a number of the theft victims already figured Conor's as the point of theft. I went to a trivia night at Conor's with a large group in April, and between May and June, five of us experienced nearly identical fraudulent charges to our credit cards from Texas. All charges were approximately $200, to places like gas stations or grocery stores. My card was used 12:30am on 7/13 to try to purchase $250 of groceries from a Kroger. Luckily, I use BoA, and the charge did not go through. Others were not as lucky. My follow up question would be: why did it take the banks so long to determine the common point of purchase, which we realized a month ago? Is there a protocol for the victims to report when they have more information?

Macabre Sunset

Wed, Jun 22, 2011 : 5:25 p.m.

The trivia nights would be a lot more fun if they used some of the money to purchase a modern sound system. Right now it sounds a lot like the teachers on the Peanuts cartoons. I had better recheck my credit card records. Do they know if there is any continued risk, or how long they stored credit-card information? They're really not supposed to store it at all, I thought.

smokeblwr

Wed, Jun 22, 2011 : 4:54 p.m.

People on AA.com often reference the large number of people panhandling on the street nowadays. However, I have not noticed an increase over how it was 20 years ago. In fact, I seem to remember it being worse 20 years ago. But maybe that was because I was hanging out in different parts of downtown back then. Anybody else share my impression who is qualified to do so?

LBH

Thu, Jun 23, 2011 : 1:07 p.m.

I am down in the campus area all the time and have been for the past 25 years or so and I would say it is about the same as it has been. I haven't noticed an increase in the number of people or in their aggressive nature. There have always been a few who are very aggressive, and you know who they are after a while, and most are just not.

BobbyJohn

Wed, Jun 22, 2011 : 5:33 p.m.

I have lived in the center part of A2 since 1976 and I feel that panhandling has gotten worse, and that panhandlers are more aggressive, also.

microtini

Wed, Jun 22, 2011 : 4:50 p.m.

Going around cash-less might sound like a good idea, but you've gotta carry some green to make your way through the phalanx of panhandlers that have taken over downtown.

Hmm

Thu, Jun 23, 2011 : 2:57 p.m.

" you've gotta carry some green to make your way through the phalanx of panhandlers that have taken over downtown." Wait, what?! Are you actually giving those people money?? That is like trying to get rid of ants by dousing them in sugar water...

Roy Munson

Wed, Jun 22, 2011 : 4:28 p.m.

Don't carry cash around here on these streets. The risk of getting mugged is too high. At least with a credit card, you can work with the bank to take care of fraudulent charges.

Hmm

Thu, Jun 23, 2011 : 2:55 p.m.

I don't think there is a very high risk of being "mugged" in Ann Arbor. Panhandlers and homeless people begging for money yes, but outright strong arm robbery I seriously doubt it.

Derrick Forshee

Wed, Jun 22, 2011 : 4:07 p.m.

I hope they were at least smart enough to encrypt the credit card information and the computer network. Too many times have I seen places transmit that information over an unencrypted wi-fi signal. But than again any lock or encryption in vulnerable to hacking attempts if given enough time.

smokeblwr

Wed, Jun 22, 2011 : 3:39 p.m.

"Police said the restaurant's credit card processing computer was vulnerable to computer hackers, possibly from Europe, but the problem has since been fixed." More crime being committed on the good citizenry of Ann Arbor by people from OUT OF TOWN!!!

pvitaly

Wed, Jun 22, 2011 : 4:53 p.m.

I am sure more police officers would've prevented this crime

glimmertwin

Wed, Jun 22, 2011 : 3:28 p.m.

I don't think it matters whether you are a small local business or not. Credit card processing is cleared "outside" of the establishment. I'd be curious to know if a staff member was "swiping" or if the actual equipment in the pub was compromised. Please follow up on this story as the investigation progresses.

1bit

Wed, Jun 22, 2011 : 4:01 p.m.

You're right, skimming is a possibility. They could have a "man-in-the-middle" type attack if the computer was somehow infected and claims could be intercepted, but hopefully they are smart enough not to use the computer for surfing the internet/emails/etc.

treetowncartel

Wed, Jun 22, 2011 : 3:16 p.m.

Cash is King!

treetowncartel

Wed, Jun 22, 2011 : 9:01 p.m.

Who is Dave Ramsey? I like to pay with cash at bars and restaurants in particular. if I am paying as I go I can let the server know right away I'm not a cheapskate, and if I pay at the end they have their tip in hand. Cash is King for other reasons to, but I am not going to agree to anything about Dave Ramsey since I have no clue what you are talking about. Have a good one!

Thomas

Wed, Jun 22, 2011 : 6:34 p.m.

I see Dave Ramsey has made it into your life as well.

pvitaly

Wed, Jun 22, 2011 : 3:03 p.m.

Oh Snap! I was camping with a friend this past weekend. Her credit card was cancelled because of "suspicious activity." $200 at a gas station in Texas.