Group-IB researchers have found a data dump of over 1.3 million credit and debit cards of Indian banking customers on the Dark Web for open sale. The data on those cards are worth $130 million. The said data can be accessed by cybercriminals one of the oldest card shops on the dark web, known as Joker’s Stash.
Researchers from the Singapore-based cybersecurity company said that this is the single biggest and one of the most valuable database uploads on the dark web. “Early data analysis suggests the card details may have been obtained via skimming devices, installed either on ATMs or point of sale (PoS) systems,” the report mentions.
Cybercriminals use the data bought from Joker’s Stash typically by cloning legitimate cards and withdrawing money from ATMs. This is known as Track 2 data which is found on the magnetic stripe of the cards.
Ilya Sachkov, CEO and founder of Group-IB, said, “The cards from this region are very rare on underground markets, in the past 12 months, it is the only big sale of card dumps related to Indian banks. Group-IB’s Threat Intelligence customers have already been notified about the sale of this database. The information was also shared with proper authorities.”
As of now, the details of the origin of these card information are not known. Moreover, there’s no confirmation on which banks are compromised. But according to Group-IB, 18% of cards were related to a single Indian bank.
Joker’s Stash has become one of the significant underground credit card shops over the past five years. Vital releases of stolen credit cards from data breaches at companies like British Airways, Target, Walmart, Lord & Taylor, etc. have added to its portfolio. The incident came to light back in February when banking details for 2.15 million Americans were put up for sale and a similar second incident in August saw card details of 5.3 million taken from gas and convenience chain Hy-Vee that were later made available on Joker’s Stash.