Australian police have charged seven Romanians for making fraudulent transactions of more than $30 million, the country’s largest credit data theft to date, according to an article from Information-Age.

The criminal syndicate in Romania had access to 500,000 Australian credit cards, around 30,000 of which  were used to make fraudulent transactions totaling more than $30 million, according to a joint statement from the Australian Federal Police (AFP), Australian Bankers’ Association (ABA) and Abacus Australian Mutuals.

The hackers installed remote desktop software on Point of Sale (PoS) systems belonging to small Australian businesses to record credit card numbers people entered into the terminal, the article says. That stolen data was then used to create fake credit cards, enabling thousands of counterfeit transactions to be carried out in Europe, Hong Kong, Australia and the U.S.

The following is an excerpt from the Information-Age article:

The joint operation, codenamed “Operation Lino” started in 2011 when an Australian financial institution contacted the AFP to notify them of suspicious credit card transactions.

When the AFP tracked the source of the suspicious transactions, the investigation grew to include international law enforcement partners including the Romanian police, who detained 16 people in Romania and arrested seven.

No Australian credit card holders lost money as a result of the fraudulent transactions due to Australian banks reimbursing cardholders' losses, the AFP said.

Commander Glen McEwen, AFP manager for cyber crime operations, said it was the largest data breach investigation ever undertaken by Australian law enforcement.

“Without the cooperation of 13 other countries, along with Australia's banking and finance sector, we would not have been able to track these illegal transactions to the criminal network in Romania,” he said.

“Banks have advanced monitoring systems to prevent fraud and in this case, they contacted customers when suspicious transactions occurred,” said Steven Muchenberg, CEO of the ABA. “Often banks will take immediate action to protect the account, stop transactions and cancel cards when it is confirmed that fraud may have been perpetrated.”