Over a Million Credit Card Records Released on Dark Web
Another major data dump has brought attention to the perils of the dark web. A dark web carding market named “BidenCash” has released a dump of 1.2 million credit cards to promote their marketplace, allowing anyone to download the data for free to conduct financial fraud.
Carding is the trafficking and use of credit cards stolen through point-of-sale malware, Magecart attacks on websites, or information-stealing malware. BidenCash is a stolen cards marketplace launched in June 2022, leaking a few thousand cards as a promotional move. This time, the market’s operators decided to promote the site with a much bigger dump.
The threat actors announced the credit card dump earlier this month new URLs BidenCash launched late in September in response to distributed denial of service (DDoS) attacks, so it could be a way to promote the new shop domains.
The freely circulating file contains a mix of “fresh” cards expiring between 2023 and 2026 from around the world, but most entries are from the U.S. The dump of 1.2 million credit cards included credit card and personal information like:
- Card numbers
- Expiration dates
- CVV numbers
- Holder names
- Bank names
- Card types, statues, and classes
- Holder address, State and ZIP codes
- Email addresses
- Social security numbers
- Phone numbers
Not all details are available for all 1.2 million records, but most entries contained 70 percent of the data types.
This is just another reminder of how important it is to protect the data you collect from your customers at all costs. Consider adding dark web monitoring to your existing security solutions stack. 2W Tech is a technology service provider with IT Consultants on staff that specialize in security solutions. We trust Dark Web ID to protect our clients. Dark Web ID has been an industry leader for years because they never stop innovating to keep businesses out of credential compromise trouble. Give us a call today to learn more.