BriansClub, one of the biggest black market sites, was hacked in order to retrieve the data of more than 26 million payment cards that were stolen. The card details were previously stolen from online sites and brick-and-mortar stores of retailers as far back as 2015.
KrebsOnSecurity reported last month that a source shared a plain text file containing what claimed to be the full database of cards for sale, including all cards currently and previously on the site. The data hacked out of BriansClub has been shared with the financial institutions that identify, monitor, or reissue compromised cards that show up for sale on criminal forums. BriansClub mostly resells cards stolen by other threat actors known as resellers or affiliates; both BriansClub and its resellers earn a certain percentage from each sale.
In 2015, BriansClub added 1.7 million card records for sale. In 2016, BriansClub uploaded 2.89 million stolen cards. 2017 saw some 4.9 million cards added, and in 2018, there were 9.2 million more. Between January and August 2019, BriansClub added a staggering number of 7.6 million cards. The security intelligence firm Flashpoint estimates that the website had close to $414 million worth of stolen credit cards for sale.
The reports say that data hacked from BriansClub is strings of zeroes and ones that can be encoded onto anything with a magnetic strip the size of a credit card, which can then be used to make purchases.
Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.
You will receive weekly cybersecurity news soon!
© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.