A notorious illegal website where people can buy stolen credit cards has decided to celebrate its first birthday by publishing a database of more than two million credit and debit card details for free.
Since the leak was announced in advance, the media speculated that the goal is to get as much publicity and free advertising space as possible – so we’re not naming the site.
Researchers who dug into the leaked dataset calculated there are at least 740,858 credit cards, 811,676 credit cards and 293 debit cards — and while many appear to be duplicates, one company — D3 Labs — believes there are 2,141,564 unique entries.
Sensitive information leaked
In addition to the card number, the dataset also leaks people’s names, emails, phone numbers, home addresses and the details needed to use the card – expiration date and CVV code. Some maps, the researchers found, are valid until 2052. The database contains nearly half a million unique email addresses from 28,000 unique email domains, which in itself is an immensely valuable resource for cybercriminals.
“The presence of email addresses and complete information (commonly referred to as “Fullz” by cybercriminals) makes victims of this vulnerability vulnerable to other attacks such as phishing, identity theft (opens in new tab)and scams long after their card data expires,” Cyble researchers.
This is not the first time this website has opted for a publicity stunt like this. Late last year, the same site leaked more than 1.2 million credit cards, including free ones. At the time, it said the leak was a promotion for a new URL it had to register after someone DDoS its old domain and made it useless.
Another website did the same in August 2021 and released the details of over a million credit cards for free on a number of hacking forums.
Through: Beeping computer (opens in new tab)