B1ack's Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards

B1ack's Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards

Briefly

"The data, it says, was dumped after sellers were caught reselling card data purchased from B1ack's Stash on competing platforms, a violation of the marketplace's policies. B1ack's Stash allegedly suspended 8 million stolen CVV2 records in response to the sellers' misconduct, and decided to release the card data for free, instead of deleting it from its inventory."

"According to SOCRadar, the released data includes full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses. Based on the availability of full card details and payment data, the information was likely stolen as part of e-skimming or phishing operations, SOCRadar says."

"SOCRadar says it has validated the authenticity of some of the records. Analysis of the data showed that some of the cards had expired or were duplicate entries. Overall, 4.3 million records appear to be new and likely usable for illicit activities, SOCRadar says."

""The presence of Asian financial hubs like Hong Kong, Singapore, Thailand, and Malaysia in the top 15 suggests the dataset is not solely the product of a single regional operation, but draws from multiple skimming or phishing campaigns targeting English-speaking and high-purchasing-power markets globally," SOCRadar notes."