Cybersecurity research firm Cyble recently disclosed that threat actors kept details of 80,000 credit cards on the darknet forum for sale in exchange for cryptocurrency. It was found that the stolen credit card details include both Visa and MasterCard users from various countries, which include:
- 33,000 credit card details from the U.S.
- 14,000 from France
- 5,000 from the U.K.
- 2,000 from Canada
- 1,200 from Singapore
- 1,300 from India
According to Cyble, the exposed information included the name of the cardholder, CVV code, billing details, and expiration date, which were selling at $5 per card, and the money was paid in cryptocurrency. While the source of this massive stolen credit card database was unknown, the researchers stated that hackers might have stolen these details via a phishing website or by compromising an online store.
Snapshot of the data leak of credit cards
“We report these breaches so people could be made aware of the threats and risks using these applications, and perhaps do something about it,” the researchers said in a statement.
Hackers Flood Dark Web with Leaked Databases
The discovery comes after Cyble recently identified and reported another massive data breach, in which the members of the “Shiny Hunters” hacking group compromised 73.2 million user records from over 11 companies and kept them on the darknet for sale. The hackers are from the same group who are behind the Tokopedia data breach, in which 91 million user records were compromised and kept on sale on the hacking forums for $5,000. Later, the group breached India-based online learning platform Unacademy, which exposed details of 22 million users and kept the records for sale on the darknet forums for $2,000.
Several incidents have been reported in recent times on hackers selling stolen information on the darknet markets. According to Cyble, attackers were also selling over 267 million Facebook records for £500 (US$623) on dark websites and hacker forums. The records contain information that could allow attackers to perform spear phishing or SMS attacks to steal credentials.