Authorities think that around 100 people might have coordinated to pull off the theft in Tokyo and 16 prefectures. Based on transaction data from 14,000 convenience store ATMs, they believe hackers stole the data and turned it into 1,600 cloned credit cards. Then used each one to withdraw the daily maximum of 100,000 yen. Japanese authorities are working with their South African counterparts and INTERPOL to track down the culprits.
It's not yet clear how the original thieves got the card data from the South African bank customers, though it could have easily been from ATM skimmers, camouflaged external readers that scan data strips as cards are inserted. Then that data can be sold on the black market and reprinted on counterfeit cards. Researchers have been trying to make forge-proof cards, but using smartphone apps to talk directly with ATMs might be a better option, since it bypasses potential skimmers entirely.