The card payment processing firms which saw their systems breached as part of two massive recent ATM heists have been named as India-based ElectraCard Services and EnStage.
Last week US authorities charged eight people with taking part in the attacks that saw card data stolen from payment processors and used to withdraw $45 million from ATMs around the world.
ElectraCard Services has admitted that it was one payment processor involved in the first attack, which saw around $5 million stolen from accounts at the National Bank of Ras Al-Khaimah PSC in the UAE in December.
The firm's CEO, Ramesh Mengawade, told Reuters that crooks managed to breach its systems and increase the withdrawal limits on "three or four accounts". However, a statement insists that no PIN or mag-strip data was compromised.
Verizon has been called in to investigate the intrusion by ElectraCard Services, which says it is also in the process of re-certifying and re-listing itself for compliance with the PCI-DSS standards of the PCI Security Standards Council.
Meanwhile, EnStage has emerged as the processor hit as part of the second attack in February, which saw around $40 million looted from Bank of Muscat. "Our customers were adversely affected by this sophisticated crime," EnStage CEO Govind Setlur told the Times of India.