Two Mexican nationals were carrying 96 fraudulent credit cards at a border crossing in South Texas.
The U.S. Secret Service is investigating whether there is any connection between two Mexican nationals arrested at the border in South Texas this weekend and the massive breach of Target customer data that affected millions of shoppers.
Mary Carmen Garcia, 27, and Daniel Guardiola Dominguez, 28, of Monterrey, Mexico, were arrested Sunday as they tried to re-enter the U.S. at the Mexican border.
Lt. Joel Morales, a spokesman for the McAllen Police Department, said his department was alerted the week of Jan. 12 by area merchants that there had been fraudulent credit card activity at their stores. McAllen Police investigators contacted U.S. Immigration and Customs Enforcement and Secret Service agents, who launched a joint investigation and zeroed in on the two suspects arrested Sunday, he said.
The couple, had been buying "thousands of dollars" worth of mostly electronics at places like Best Buy, Wal-Mart and Toys R Us, Morales said. The couple were arrested Sunday as they tried to re-enter the U.S. at the Anzalduas International Bridge. They had about 90 fraudulent credit cards in their possession, he said. Federal agents have seized a total of 112 cards from them.
Garcia and Dominguez each face six counts of credit or debit card abuse, state felonies that carry up to two years in prison, Morales said.
In the course of the investigation and arrest, Secret Service field agents told McAllen Police officials that the credit card data used by the couple were part of the recent large theft of Target credit card information, Morales said.
"We get them on occasion," Morales said of similar credit card fraud activity near the border. "Of this magnitude, this one stands out."
But to what extent the pair are directly involved in the Target data breach remains unclear, according to U.S. authorities. It's also unknown how Garcia and Dominguez allegedly obtained the credit card numbers and how they came upon the stolen Target account information.
"In regards to the arrests announced yesterday, the Secret Service is working with the U.S. Attorney's Office and McAllen Police Department to determine if there is any connection," the Secret Service said in a statement Tuesday.
However, a senior official at Department of Homeland Security downplayed the possible connection, saying that there is no direct link between the Texas case and the Target breach. The official is not authorized to speak publicly about the case and spoke on condition of anonymity.
The Target data breach in December affected 40 million credit and debit card accounts and the personal data of 70 million shoppers.
Investigators identified the pair and their Nissan Sentra with Mexican license plates after reviewing "miles of video" from area merchants. Police prepared arrest warrants after the two were identified through immigration records from a prior border crossing in the same vehicle, he said. Police then waited for them to return.
Investigators believe the two were involved in both the acquisition of the fraudulent account data and the production of the credit cards. The suspects allegedly singled out Sundays for their shopping sprees — buying mostly electronics — hoping banks would not be as quick to detect fraud.
The couple are believed to have purchased the credit card information from overseas hackers, and then used the data to create a series of bank cards and gift cards, according to the Texas Monitor. They allegedly made the cards with data stolen from residents of Rio Grande Valley.
Criminals have dozens of ways of stealing credit card numbers, from large-scale hacking operations like the ones that hit Target and Neiman Marcus to the "skimmers" that can be attached to a gas pump or ATM card reader to steal card data.
Underground websites known as "carding forums" or "card malls" offer stolen credit card numbers for sale in bulk, with bad numbers mixed among those that are still valid. Counterfeiters buy the numbers to reproduce the cards, which then can be sold to thieves who attempt to use to make purchases.
In January 2013, McAllen police arrested three men charged with purchasing credit card information and re-encoding the data into card templates, similar to the method allegedly used by the recently arrested couple, Morales said.
In December 2012, Mario Wong, 34, of McAllen, was sentenced to five years in prison after pleading guilty to participating in a transnational scheme where he would receive stolen debit and bank account numbers from co-conspirators in Mexico, purchase expensive items in the U.S., then return the items to Mexico for resale, according to the Department of Justice.
Federal prosecutors said Wong held more than 8,000 debit and bank account numbers and intended to steal more than $4 million worth of goods, according to the department.
Target spokeswoman Molly Snyder said the investigation into last month's breach was ongoing. The Minneapolis-based retailer said last week that it had stopped more than a dozen operations that sought to scam breach victims by e-mail, phone calls and text messages.
Contributing: Associated Press, Gary Strauss