This type of theft is relatively easy to perpetuate. It's called Kali Linux, any script kiddy can download it and install it. Then use tools like wire shark etc to sniff the waves for useful information. Or better yet, just spoof the hotspot as a man in the middle and take anything that comes across. Works well for hotels as well that offer either free wifi or paid wifi as the keys are sent unecrypted and I can sniff your key, and then become you through the hotel router to do all kinds of bad things. Or I just spoof myself as the hotel wifi and allow everyone coming in to connect their device to this network and take whatever I find, CC info, Bank Info, Passwords, Personal details etc...