Indian Debit And Credit Card Data Being Sold Online: 1.3 Mn Users At Risk

Indian Debit And Credit Card Data Being Sold Online: 1.3 Mn Users At Risk

SUMMARY

The card details were listed for sale on ‘card shop’ Joker’s Stash

98% of the details belonged to Indians

This is the third biggest card dump this year

India has reportedly become the target of the third-biggest “card dump” this year. Almost 1.3 Mn debit and credit card details have been put up for sale on a website called Joker’s Stash on October 28, 2019. The database contains details from various issuing banks and 98% of the leaked data belongs to Indian customers.

Jokers Stash is a “card shop”, primarily used by criminal groups — including cybercrime groups FIN6 and FIN7— to buy and sell card details. The platform is advertised as a “card dump”.

The sale was brought to light by a Singapore-based cybersecurity company Group-IB that specialises in preventing cyber attacks. In its report, the company revealed that each card detail was being sold for $100, which brings the total value to at least $130 Mn.

The cybersecurity company clarified that the database includes Track 2 details that are usually collected by ATMs and point of sales (PoS) units. This helps rule out any possibility of a breach from digital transactions. Moreover, the data collection cannot be zeroed down to the compromise of any one bank’s ATM network, since the data comes from multiple issuing banks.

Group-IB also pointed out that more than 18% of the card details on the database belong to a single Indian bank.

Even though, there have been other such database sales in the past, this is one of the biggest single-file card databases ever uploaded on underground markets at once, Ilya Sachkov, CEO and founder of Group-IB, said.

The report also added, “What is interesting about this particular case is that the dаtabase that went on sale hadn’t been promoted prior either in the news, on card shop or even on forums on the darknet.”

In August 2019, payment card details of over 5.3Mn Hy-Vee —chain of more than 245 supermarkets located throughout the Midwestern United States— customers were listed for sale on the platform. This is termed as the biggest card dump of this year.

The second biggest was in February 2019, where payment card details of over 2.3 Mn Americans. the dump was nicknamed “DaVinci Breach”. In June and July 2019, details of 230K and 890K South Korean payment details were dumped on Joker’s Stash.

[The development was first reported on ZDNet.]

You have reached your limit of free stories
Become An Inc42 Plus Member

Become a Startup Insider in 2024 with Inc42 Plus. Join our exclusive community of 10,000+ founders, investors & operators and stay ahead in India’s startup & business economy.

2 YEAR PLAN
₹19999
₹7999
₹333/Month
Unlock 60% OFF
Cancel Anytime
1 YEAR PLAN
₹9999
₹4999
₹416/Month
Unlock 50% OFF
Cancel Anytime
Already A Member?
Discover Startups & Business Models

Unleash your potential by exploring unlimited articles, trackers, and playbooks. Identify the hottest startup deals, supercharge your innovation projects, and stay updated with expert curation.

Indian Debit And Credit Card Data Being Sold Online: 1.3 Mn Users At Risk-Inc42 Media
How-To’s on Starting & Scaling Up

Empower yourself with comprehensive playbooks, expert analysis, and invaluable insights. Learn to validate ideas, acquire customers, secure funding, and navigate the journey to startup success.

Indian Debit And Credit Card Data Being Sold Online: 1.3 Mn Users At Risk-Inc42 Media
Identify Trends & New Markets

Access 75+ in-depth reports on frontier industries. Gain exclusive market intelligence, understand market landscapes, and decode emerging trends to make informed decisions.

Indian Debit And Credit Card Data Being Sold Online: 1.3 Mn Users At Risk-Inc42 Media
Track & Decode the Investment Landscape

Stay ahead with startup and funding trackers. Analyse investment strategies, profile successful investors, and keep track of upcoming funds, accelerators, and more.

Indian Debit And Credit Card Data Being Sold Online: 1.3 Mn Users At Risk-Inc42 Media
Indian Debit And Credit Card Data Being Sold Online: 1.3 Mn Users At Risk-Inc42 Media
You’re in Good company