The spate of recent breach disclosures suggests a shift in focus by criminals from credit card fraud to PIN-based debit card fraud, said Mike Urban, director of fraud technology operations at Fair Isaac Co., a Minneapolis-based company that is helping investigate the recent incidents.

Though PIN-based ATM and point-of-sale transactions continue to be one of the most secure methods of executing sales, criminals are employing a variety of sophisticated ways to compromise them, he said.

'In general, what we've seen over the years is that criminals tend to favor trying to capture PINs at ATMs or point-of-sale devices' using hidden cameras or sometimes 'overlays' on the pinpad to capture data, Urban said.

Also employed are so called 'key ghosts,' which are attached to the inside of point-of-sale systems to capture card track data and PINs, he said. Other techniques include the use of 'card throat' readers that fit over existing ATM card readers and skim card data without interfering with legitimate transactions, Urban said.