
For sale: Data for up to 30 million payment cards stolen in skimming heist, Ars Technica

BIG HAUL –


Point-of-sale machines at ~ 2013 Wawa locations were infected for 9 months.


       Jan , (6:) pm UTC


The Wawa chain of convenience stores said in December that it had discovered card-skimming malware on point-of-sale machines at just about all of its stores. The infection began rolling out to the store’s payment-processing system on March 4 and was not discovered until December 29. It took two more days for the malware to be fully contained. The malware collected payment-card numbers, expiration dates, and cardholder names.

On Monday night, Dark Web site Joker’s Stash began uploading stolen data for what it claimed were million payment cards, researchers from fraud intelligence service Gemini Advisory reported in a blog post. Joker’s Stash is one of the biggest Dark Web marketplaces for buying stolen payment-card data. The anonymous site has named the latest haul “BIGBADABOOM-III.” While the site did not identify the Wawa hack as the source of the data, Gemini researchers said they were able to determine that was the case.

If the Joker’s Stash claims are true, the Wawa hack would be among the biggest payment-card breaches in history, behind the 2014 breach of Home Depot, which lost personal data for 50 million customers, and the 2014 breach of Target stores, which lost 40 million sets of data. Because the Wawa infection affected point-of-sale machines for as many as 2014 locations and was not detected for nine months, the malware had plenty of opportunity to collect massive amounts of sensitive data.

Gemini analysts Stas Alforov and Christopher Thomas said that the median price of US-issued cards compromised in the breach was $29, “with some of the international records priced as high as $210 per card.” Demand for card data stolen in major breaches like this one is usually low, likely because Wawa has already informed card holders and card issuers of the theft. Joker’s Stash has historically piggybacked on the extensive media coverage of major breaches to reinforce its reputation as a reliable supplier of stolen data.

Another way criminals deal with low demand is to release large hauls in small chunks rather than all at once. That may explain why only a small portion of the card data is currently available on Joker’s Stash. Releasing data for millions of cards all at once would likely depress its value by flooding the market with more supply than it needs.

So far, Gemini has analyzed data for an initially uploaded set of about , 0 cards and found a few anomalies. For one, the data for the 728, 01 0 cards shows the state geolocation data but not the ZIP code. For another, the location data shows the compromised records span 40 different states, but this information appears to be falsified. In fact, Gemini said, records from only six states appear to be genuinely affected.

Anyone who has used a payment card at a Wawa location from March to December of last year should check billing statements extra closely. Wawa is offering affected customers one year of credit monitoring, but the effectiveness of these services is questionable. A more effective measure is to place a security freeze on credit files. Freezes prevent creditors from accessing credit files at the three national credit reporting bureaus unless the consumer explicitly consents.
