Five men driving pickup trucks were arrested while swiping diesel from the gas station at a Gibsonton Wal-Mart Supercenter last month.
They used hidden tanks in their pickups to take up to 1,000 gallons of gas at a time and pay for it right at the pumps with stolen credit cards, authorities said.
"They used counterfeit credit cards," said Maj. Bob Johnson, enforcement chief at the state Department of Agriculture and Consumer Services. "One guy had 47 cards on him."
The back story: If you figured damage was over from the Hannaford/Sweetbay Supermarket credit card hacking first disclosed four months ago, think again.
Crooks are still trying to convert the numbers into cash.
"I just opened a fraud case with a Sweetbay number," said David Hill, a detective with the Montgomery County Police in Maryland. "They're popping up all over the East Coast."
Murphy Oil, which runs Wal-Mart gas stations, helped trigger arrests in similar diesel theft cases across several states. Many used card numbers from the 4.2-million filched during transmission to a Hannaford Bros. computer in Portland, Maine, which handles transactions for Sweetbay, its corporate sibling in Tampa.
"We were hit for $1-million in a month," said Mark Rainey, a Murphy criminal fraud investigator.
The hidden tanks in Gibsonton held 1,000 gallons. So profit per load topped $4,000.
Miguel Perez, 30, of Tampa and four others from the Orlando area were arrested in separate incidents. All were charged with felony theft and/or credit card fraud.
The route the lifted card numbers followed remains a mystery. When Hannaford discovered the hack on Feb. 27, the numbers were traced to an Internet address in Europe. Investigators figure the numbers and expiration dates were then sold. Thieves turned them into cash by charging over the phone or the Internet or by making their own cards.
Mark Albright can be reached at firstname.lastname@example.org or (727) 893-8252.