Singaporean cybersecurity company Group-IB has found around 400,000 payment card records of US and South Korean financial organisations on dark web Joker’s Stash.

The dark web has set a $1.99m price tag to the entire credit and debit card data set, which exposes 397,365 card records.

Go deeper with GlobalData

Data Insights

The gold standard of business intelligence.

Find out more

Of these, the majority are said to be South Korean card records accounting for up to 198,233 items or 49.9% of the records.

Around 49.3% of the records are said to be from US banks and financial organisations.

Individual cards are available at $5 each. The seller claims that the data set has a validity rate of nearly 30-40%.

Group-IB called the dump the “biggest sale of South Korean records on the dark web in 2020”.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The data dump holds Track 2 data including the data stored on the card’s magnetic stripe, bank identification number (BIN), account number, expiration date, as well as the card verification value (CVV).

“The Track 2 data (also referred as card dumps) is used for card present transactions and usually comes from infected POS terminal, from ATM skimmers or breached merchant’s payment system,” the cybersecurity company said.

The source of the compromised data is unknown, noted Group-IB.

The cybersecurity firm has already alerted the national CERTs (computer emergency response teams) and affected financial organisations about the breach.

Group-IB senior threat intelligence analyst Shawn Tay said: “Even though, there is not enough information in this dump to make online purchases, fraudsters who buy this data can still cash out stolen records.

“If a breach is not detected promptly by the card-issuing authority, crooks usually produce cloned cards („white plastic“) and swiftly withdraw money via ATMs or use cloned cards for illicit in-person purchases.”

This February, Group-IB found 461,976 payment card details, mostly from Indian banks, available for sale on Joker’s Stash.