A joint international criminal investigation has resulted in seven people being charged in Romania for the largest credit card data theft in Australia's history.

The criminal syndicate had access to 500 000 Australian credit cards and approximately 30 000 credit cards have been used for fraudulent transactions amounting to more than $A30 million.

The investigation codenamed Operation Lino, started in June 2011 when the Australian Federal Police (AFP) received a referral from an Australian financial institution related to suspicious credit card transactions.

Stolen credit card data was being used to create false credit cards, enabling thousands of counterfeit transactions to be carried out in numerous overseas locations including Europe, Hong Kong, Australia and the United States.

After the AFP identified the cause of the data compromise, the investigation grew to involve numerous international law enforcement partners and the Australian banking and finance sector also provided strong support.

The operation came to resolution when 16 people were detained across Romania, seven of which were arrested and as a result, the criminal syndicate was successfully shut down. The AFP worked closely with Romanian authorities throughout the resolution and will continue to provide support during the prosecution phase in Romania.

No Australian credit card holders lost money as a result of these fraudulent transactions. Australian financial institutions reimbursed the financial losses of cardholders.

AFP Manager for Cyber Crime Operations, Commander Glen McEwen said that these arrests are the result of significant cooperation across law enforcement and the financial industry.

"This is the largest data breach investigation ever undertaken by Australian law enforcement.

"Without the cooperation of 13 other countries, along with Australia's banking and finance sector, we would not have been able to track these illegal transactions to the criminal network in Romania. Today's successful outcome is a culmination of 17 months of hard work with these partners."

"Policing is only one part of the solution to stop data compromises – credit cards should be kept in a secure place, ATMS should be checked for any unusual attachments, personal details including PIN numbers should be protected, financial statements should be checked continuously, mail boxes should be secured and if possible, 'chip and pin' security implemented on credit cards," Commander McEwen said.