cancel
Showing results for 
Search instead for 
Did you mean: 

More than 1.2 million hacked credit cards released on the dark web

tag
Anonymalous
Valued Contributor

More than 1.2 million hacked credit cards released on the dark web

The dark web site "Biden-Cash" dumped the details of 1,221,551 credit cards on the web, in a promotional stunt. These are active cards (expiration dates between 2023 and 2026), and while they're from around the world, most appear to be from the U.S. The dumped data includes card numbers, expiration dates, CVV numbers, holder's names, bank names, card type information, physical and email addresses, and even social security numbers. Not all that information is available for every card, but most of the entries seem to contain at least 70% of those data fields.

 

This was reported on October 7 by D3Labs, an Italian cybersecurity monitoring group. Their analysts believe most of the card were captured by web skimmers, which is a term for malicious code injected into e-commerce websites. Large dumps of credit cards on the dark web are frequently composed of fake or old data, but while some of the entries appear to be recycled from the August 2021 "All World Cards" dump, D3Labs has confirmed the authenticity of some of the cards with several Italian banks. Preliminary estimates suggest about 30% of the data, or at least 350,000 cards, are valid. Italian banks (and presumably other banks around the world) have blocked many of the cards for fraudulent activity.

 

Techie article:

https://www.bleepingcomputer.com/news/security/darkweb-market-bidencash-gives-away-12-million-credit...

Mainstream article:

https://www.msn.com/en-us/money/personalfinance/tech-tips-biden-cash-dark-web-market-for-stolen-cred...

Message 1 of 10
9 REPLIES 9
Cowboys4Life
Frequent Contributor

Re: More than 1.2 million hacked credit cards released on the dark web

Certainly explains the sudden hack of my Cap1 QS last weekend.

Message 2 of 10
Anonymalous
Valued Contributor

Re: More than 1.2 million hacked credit cards released on the dark web


@Cowboys4Life wrote:

Certainly explains the sudden hack of my Cap1 QS last weekend.


Things like this is exactly why I use my Cap1 QS for most e-commerce sites: Virtual cards I can turn off when I'm not using, and a very low limit.

 

But yes, there does seem to be a sudden spate of reports of fraudulent activity. Hopefully your card got shut down with minimal fuss.

Message 3 of 10
M_Smart007
Legendary Contributor

Re: More than 1.2 million hacked credit cards released on the dark web

"

Cyber security researchers at Cyble wrote the majority of the 1.2 million cards were from U.S. users. The majority of those cards, 53% to be exact, were from American Express. Gizmodo reached out to the bank to ask whether those cards have been terminated and if any had been used for fraudulent transactions since the card numbers were released, but we did not immediately hear back. Other card issuers included the likes of Wells Fargo Bank, U.S. Bank, and Bank of America.

Since the details of the credit cards were freely available online, it’s likely the card issuers have already been informed about the leak, though it remains unclear how many people could have had their credit cards used in that time. Bleeping Computer reported that D3Labs—itself a company based in Italy—had analyzed some of those cards and determined 30% were still active, though many cards could have been listed in the previous All World Cards dump, and many others could have already been blocked."

Message 4 of 10
Anonymalous
Valued Contributor

Re: More than 1.2 million hacked credit cards released on the dark web


@M_Smart007 wrote:

"

Cyber security researchers at Cyble wrote the majority of the 1.2 million cards were from U.S. users. The majority of those cards, 53% to be exact, were from American Express. Gizmodo reached out to the bank to ask whether those cards have been terminated and if any had been used for fraudulent transactions since the card numbers were released, but we did not immediately hear back. Other card issuers included the likes of Wells Fargo Bank, U.S. Bank, and Bank of America.

Since the details of the credit cards were freely available online, it’s likely the card issuers have already been informed about the leak, though it remains unclear how many people could have had their credit cards used in that time. Bleeping Computer reported that D3Labs—itself a company based in Italy—had analyzed some of those cards and determined 30% were still active, though many cards could have been listed in the previous All World Cards dump, and many others could have already been blocked."


Thanks for the link. Cyble has an excellent breakdown of where the cards were issued.

 

Though I think the Gizmodo article may have misinterpreted Cyble's analysis, because that 53% doesn't match the data. It's true American Express is the largest bank in the dump, with 157,829 cards, but that's 13%, not 53%, of 1.2 million. And when it comes to payment networks, more VISA (601,446) and MasterCard (388,663) cards were were affected than American Express cards (190,523).

 

I was going to guess the 53% is the number of cards from the U.S., but that math doesn't work either (676899/1221551 = 55.4%).

Message 5 of 10
SouthJamaica
Mega Contributor

Re: More than 1.2 million hacked credit cards released on the dark web


@Anonymalous wrote:

The dark web site "Biden-Cash" dumped the details of 1,221,551 credit cards on the web, in a promotional stunt. These are active cards (expiration dates between 2023 and 2026), and while they're from around the world, most appear to be from the U.S. The dumped data includes card numbers, expiration dates, CVV numbers, holder's names, bank names, card type information, physical and email addresses, and even social security numbers. Not all that information is available for every card, but most of the entries seem to contain at least 70% of those data fields.

 

This was reported on October 7 by D3Labs, an Italian cybersecurity monitoring group. Their analysts believe most of the card were captured by web skimmers, which is a term for malicious code injected into e-commerce websites. Large dumps of credit cards on the dark web are frequently composed of fake or old data, but while some of the entries appear to be recycled from the August 2021 "All World Cards" dump, D3Labs has confirmed the authenticity of some of the cards with several Italian banks. Preliminary estimates suggest about 30% of the data, or at least 350,000 cards, are valid. Italian banks (and presumably other banks around the world) have blocked many of the cards for fraudulent activity.

 

Techie article:

https://www.bleepingcomputer.com/news/security/darkweb-market-bidencash-gives-away-12-million-credit...

Mainstream article:

https://www.msn.com/en-us/money/personalfinance/tech-tips-biden-cash-dark-web-market-for-stolen-cred...


Wow I experienced attempted fraud on not one but two cards this past weekend; probably related to this.


Total revolving limits 710800 (590300 reporting) FICO 8: EQ 712 TU 710 EX 710

Message 6 of 10
NoMoreE46
Community Leader
Senior Contributor

Re: More than 1.2 million hacked credit cards released on the dark web

Last week, I saw three attempts from China attempting to hack into my XBox account.

Message 7 of 10
Yasselife
Valued Contributor

Re: More than 1.2 million hacked credit cards released on the dark web

@NoMoreE46 Something like that happened to my ps4 last month. 






Message 8 of 10
RedKaos
Member

Re: More than 1.2 million hacked credit cards released on the dark web

Interesting. Had someone try and hack an old steam account this week. Might be related as it hasn't been in use and hasn't had a card on it for years.

Message 9 of 10
Itgem679
Regular Contributor

Re: More than 1.2 million hacked credit cards released on the dark web

I'd love to know if any of my information was there. I have dark web monitoring but Experian.com only tells me things like "minimal risk", "moderate risk", and gives an outline like "name", "social", "email" and what the data is but won't group it together like "Brianna Brown, Chase CC ending in 1234, etc."

Gardening until 2023. Current scores (11/2022): Ex: 757 Eq: 757 Tu: 757
CLs: (As of 12/2022)
First Tech World Mastercard: $10k
American Express: $1K
AAdvantage: $2.8K
Wells Fargo Platinum: $4.6K
Discover It (blue): $4.5K
Discover It (red): $4.5K
~6 other cards with limits under $2K
Auth'd user on 1 Capital One card.
All balances stay under 5%.
Message 10 of 10
Advertiser Disclosure: The offers that appear on this site are from third party advertisers from whom FICO receives compensation.