A U.S. grand jury on Tuesday indicted eight foreigners on charges stemming from an elaborate cyberheist that began by hacking debit card data from Atlanta-based payments processor RBS WorldPay, then using the data to extract millions from ATMs around the world in just 12 hours.

Acting U.S. Attorney Sally Quillian Yates called it "perhaps the most sophisticated and organized computer fraud attack ever conducted." She credited "unprecedented cooperation" between the U.S. and Estonia for cracking the case.

Yet the theft is just the latest example of how enterprising cybercriminals have become at stealing data, recruiting partners and pulling off crimes on a global scale.

"I'm willing to bet there are larger operations out there than this one," says Adam Bumgarner, threat intelligence analyst at VeriSign iDefense.

The theft of 94 million payment card records from retail giant TJX in 2007 fueled a similar coordinated crime spree, as did the theft of 130 million records from payment processor Heartland Payment Systems last year.

Viktor Pleshchuk, 28, of St. Petersburg, Russia; Sergei Tsurikov, 25, of Tallinn, Estonia; and Oleg Covelin, 28, of Chisinau, Moldova, were charged with wire fraud, computer fraud and identity theft, along with five others.

In November 2008, the trio allegedly hacked into RBS WorldPay's computer network, then cracked the encryption codes protecting account numbers and PINs for 44 prepaid payroll accounts. Companies use such accounts to distribute salaries via debit cards, which employees use at ATMs to withdraw their pay.

Yates says the thieves raised the payroll account limits, then arranged to have the stolen account numbers embedded on the magnetic stripes of blank payment cards. Finally, they set into motion an army of "cashers" in 280 cities worldwide.

In just 12 hours, using the counterfeit cards, the cashers withdrew $9.4 million from more than 2,100 ATMs in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada, says Yates.

"The technical aspects were not that impressive," says Uri Rivner, senior security analyst at RSA, The Security Division of EMC. "But the level of coordination was staggering."

Rivner says the ring leaders likely spent months on Internet forums recruiting card counterfeiters and cashers and plotting a fast-moving wave of withdrawals.

"The element of surprise allows you to do a tremendous amount of damage in a short span of time," says Rivner. "It's like an al-Qaeda strategy of multiple attacks in a single day."