Picante photo by macpaulster

Picante, the popular Mexican restaurant on 6th Street, has been the target of an international credit card fraud operation, its owner says today.

Thieves from as far away as Russia managed to penetrate the restaurant’s credit card encryption system and steal the numbers of dozens of customers, says Jim Maser, who has owned Picante for 16 years. The thieves then used the stolen numbers to create phony credit cards, which they turned around and sold, he says.

“People are upset and we are sorry,” says Maser. “We acknowledge how inconvenient and unsettling it was for them.  We are so service-oriented we want to make this right as fast as we can.”

Picante is just one of a number of Berkeley and Bay Area businesses that have seen their customers’ credit cards compromised, according to the Berkeley Police Department.

Picante first became aware of the security breach last Thursday, May 5, and has been working with the U.S. Secret Service since then, says Maser. The restaurant hired a private security company to find the source of the breach, fix it, and make sure it does not happen again. The restaurant is replacing its credit card swiping hardware and software.

The Secret Service arrested a number of people on Tuesday in connection with the theft, says Maser. They were arrested on the East Coast after they tried to make a purchase at an Apple store. But the masterminds of the theft probably came from overseas, perhaps from Russia or Dubai, Secret Service agents told Maser.

Berkeleyside reported Tuesday, May 3 that there had been a rise in credit card fraud in Berkeley. A number of readers commented that they thought their cards had been compromised at Picante, although the restaurant said they only began hearing from customers in large numbers on Thursday last week.

One Berkeleyside reader whose card had been compromised got a call Tuesday from a detective in Arlington, VA. Police there had arrested a woman who had 15 credit cards in her possession and all of them were made from credit card numbers stolen in Berkeley, Oakland, Albany and other parts of the East Bay, she said. One of those cards had this woman’s number on it.

Maser says the Secret Service told him that international thieves are targeting businesses that do more than $500,000 in business a year.

“This is the tip of the iceberg,” Maser says. “There are a bunch of hackers out there targeting businesses.”

It has been unsettling for Maser to find that his business had been so badly compromised and he hopes his customers understand that it was not someone inside Picante who was involved, but very sophisticated thieves.

“We sell tacos. We don’t solve crime. We don’t know what’s going on. This is way over our heads.”

Maser has set up an email account for people to contact him if they think their credit cards were compromised at Picante. It is picantefraud@yahoo.com

Frances Dinkelspiel

Frances Dinkelspiel (co-founder) is a journalist and author. Her first book, Towers of Gold: How One Jewish Immigrant Named Isaias Hellman Created California,...

Join the Conversation

12 Comments

  1. I just learned yesterday that someone has been shopping at Coach and Michael Kors with my Chase credit card # in Florida. (Do they make a new fake card with my number?) I’ll be curious to find out if there is a Picante connection; it’s a go-to family spot for us. And it’s a totally PITA given how much auto-stuff I have on the card.

  2. Testify DN. People are you listening? If your bank sends you a Visa/MC branded check card, tear that sucker up and tell them you want a PIN enabled ATM card only. I go through this every time when my Wells Fargo ATM card is up for replacement. For more, see this.

  3. I had a fraudulent charge on my debit card which was horrible. It will take a week for the funds to be returned to my account. It’s the first time to happen on my debit, but credit charges have been reversed immediately through credit card. I’m now reluctant to use debit. (Also did not use card at Picante)

  4. I gave up on Citibank. Had fraud, got a new card and within 2 weeks it was compromised again! NOTE: I did not eat at picante during that 2 week period.

  5. My credit card seems to be compromised about every 6 months nowadays. They just cancel it and issue a new one and let go of any fraud charges. Since the credit card companies are ultimately responsible they’ll surely someday come up with better alternatives. I now use Citibanks temporary credit card numbers, although these only work online. The solution may be card numbers that expire daily, or something like that.

  6. We notified Picante on 5/3 that 6 of our workmates had been defrauded the previous week.

    http://www.yelp.com/biz/picante-berkeley#hrid:0Q3_eagSZdOUQUStHlTK5w

    I wrote on 5/5/2010 above:

    “MANAGEMENT and the Berkeley Police have been notified! Management said over the phone on 5/3 that they are aware of the problem, that it is with their credit card processing provider AND RECOMMENDED ONLY USING CASH AT THE RESTAURANT. We can only hope they are being more proactive than this sounds.”

    So they definitely knew about it prior to last Thursday 5/6, even if it wasn’t up-leveled.

  7. I don’t know where that is, but it’s NOT the interior of Picante!

    I’ll have one Vegetarian Tostada w/corn tortilla & black beans, and a Sopa Verde to go please!!!

  8. We always pay with a credit card, but are now wondering how many places take checks any more. We don’t like to carry around a lot of cash, but the headaches that come with credit card fraud make us wonder what the alternatives are.