Singaporean cybersecurity firm Group-IB has found 461,976 payment card details, mostly from Indian banks, available for sale on the dark web marketplace Joker’s Stash.
The breach compromised card numbers, expiration dates, CVV/CVC codes, cardholder names and other personal details such as their emails, phone numbers, and addresses.
Group-IB head of сybercrime research unit Dmitry Shestakov said: “Such type of data is likely to have been compromised online — with the use of phishing, malware, or JS-sniffers — while in the previous case, we dealt with card dumps (the information contained in the card magnetic stripe), which can be stolen through the compromise of offline POS terminals, for example.”
The source of the new breach has not been identified yet, other than the fact that over 98% of the total card records compromised have been issued by Indian banks.
According to the cybersecurity firm, the payment card records were uploaded on 5 February.
The entire database is said to be valued at around $4.2m, with each record selling for nearly $9. A total of 16 card records have been sold till 6 February, noted Group-IB.
The cybersecurity firm has already notified the Indian Computer Emergency Response Team (CERT-In) about the sale.
The breach is the second major one associated with Indian banks flagged by Group-IB.
Last October, the cybersecurity firm found a database of over 1.3 million credit and debit cards, mostly India records, on Joker’s Stash.
The entire database was valued at over $130m with over 18% of the dumps in the database found related to a single Indian bank.
The latest news comes shortly after cybersecurity firm Gemini Advisory found over 30 million credit and debit card details of the customers of convenience store chain WaWa being sold on Joker’s Stash.