The dark web site "Biden-Cash" dumped the details of 1,221,551 credit cards on the web, in a promotional stunt. These are active cards (expiration dates between 2023 and 2026), and while they're from around the world, most appear to be from the U.S. The dumped data includes card numbers, expiration dates, CVV numbers, holders' names, bank names, card type information, physical and email addresses, and even social security numbers. Not all that information is available for every card, but most of the entries seem to contain at least 70% of those data fields.
This was reported on October 7 by D3Labs, an Italian cybersecurity monitoring group. Their analysts believe most of the cards were captured by web skimmers, which is a term for malicious code injected into e-commerce websites. Large dumps of credit cards on the dark web are frequently composed of fake or old data, but while some of the entries appear to be recycled from the August 2021 "All World Cards" dump, D3Labs has confirmed the authenticity of some of the cards with several Italian banks. Preliminary estimates suggest about 30% of the data, or at least 350,000 cards, are valid. Italian banks (and presumably other banks around the world) have blocked many of the cards for fraudulent activity.
Techie article:
Mainstream article:
Certainly explains the sudden hack of my Cap1 QS last weekend.
@Cowboys4Life wrote: Certainly explains the sudden hack of my Cap1 QS last weekend.
Things like this are exactly why I use my Cap1 QS for most e-commerce sites: Virtual cards I can turn off when I'm not using, and a very low limit.
But yes, there does seem to be a sudden spate of reports of fraudulent activity. Hopefully your card got shut down with minimal fuss.
"Cyber security researchers at Cyble wrote the majority of the 1.2 million cards were from U.S. users. The majority of those cards, 53% to be exact, were from American Express. Gizmodo reached out to the bank to ask whether those cards have been terminated and if any had been used for fraudulent transactions since the card numbers were released, but we did not immediately hear back. Other card issuers included the likes of Wells Fargo Bank, U.S. Bank, and Bank of America.
Since the details of the credit cards were freely available online, it’s likely the card issuers have already been informed about the leak, though it remains unclear how many people could have had their credit cards used in that time. Bleeping Computer reported that D3Labs—itself a company based in Italy—had analyzed some of those cards and determined 30% were still active, though many cards could have been listed in the previous All World Cards dump, and many others could have already been blocked."
@M_Smart007 wrote: "Cyber security researchers at Cyble wrote the majority of the 1.2 million cards were from U.S. users. The majority of those cards, 53% to be exact, were from American Express. Gizmodo reached out to the bank to ask whether those cards have been terminated and if any had been used for fraudulent transactions since the card numbers were released, but we did not immediately hear back. Other card issuers included the likes of Wells Fargo Bank, U.S. Bank, and Bank of America.
Since the details of the credit cards were freely available online, it’s likely the card issuers have already been informed about the leak, though it remains unclear how many people could have had their credit cards used in that time. Bleeping Computer reported that D3Labs—itself a company based in Italy—had analyzed some of those cards and determined 30% were still active, though many cards could have been listed in the previous All World Cards dump, and many others could have already been blocked."
Thanks for the link. Cyble has an excellent breakdown of where the cards were issued.
Though I think the Gizmodo article may have misinterpreted Cyble's analysis, because that 53% doesn't match the data. It's true American Express is the largest bank in the dump, with 157,829 cards, but that's 13%, not 53%, of 1.2 million. And when it comes to payment networks, more VISA (601,446) and MasterCard (388,663) cards were affected than American Express cards (190,523).
I was going to guess the 53% is the number of cards from the U.S., but that math doesn't work either (676899/1221551 = 55.4%).
@Anonymalous wrote: The dark web site "Biden-Cash" dumped the details of 1,221,551 credit cards on the web, in a promotional stunt. These are active cards (expiration dates between 2023 and 2026), and while they're from around the world, most appear to be from the U.S. The dumped data includes card numbers, expiration dates, CVV numbers, holders' names, bank names, card type information, physical and email addresses, and even social security numbers. Not all that information is available for every card, but most of the entries seem to contain at least 70% of those data fields.
This was reported on October 7 by D3Labs, an Italian cybersecurity monitoring group. Their analysts believe most of the cards were captured by web skimmers, which is a term for malicious code injected into e-commerce websites. Large dumps of credit cards on the dark web are frequently composed of fake or old data, but while some of the entries appear to be recycled from the August 2021 "All World Cards" dump, D3Labs has confirmed the authenticity of some of the cards with several Italian banks. Preliminary estimates suggest about 30% of the data, or at least 350,000 cards, are valid. Italian banks (and presumably other banks around the world) have blocked many of the cards for fraudulent activity.
Techie article:
Mainstream article:
Wow, I experienced attempted fraud on not one but two cards this past weekend; probably related to this.
Last week, I saw three attempts from China attempting to hack into my XBox account.
@NoMoreE46 Something like that happened to my PS4 last month.
Interesting. Had someone try and hack an old Steam account this week. Might be related as it hasn't been in use and hasn't had a card on it for years.
I'd love to know if any of my information was there. I have dark web monitoring but Experian.com only tells me things like "minimal risk", "moderate risk", and gives an outline like "name", "social", "email" and what the data is but won't group it together like "Brianna Brown, Chase CC ending in 1234, etc."