Here is a recent case study that shares how criminals continue to leverage technology to steal credit and debit cards and benefit financially by selling them on the open market.
In early 2023, a prominent underground marketplace for compromised payment known as Bidencash, which uses the president’s name and likeness to trade in stolen data, shared a dump of more than 2 million compromised payment cards. The cards were shared as an act of the market’s one year anniversary, and they advertised the leak on various underground forums and communities.
Analysis of the data leak suggests that the dump included a total of 2,165,701 compromised payment cards, both debit and credit, most of which come with cards’ CVV’s, expiration dates, cardholders’ names and, in some cases, even their email addresses. Victims worldwide were impacted, approximately 55% of them originate from the United States and nearly 8.4% of the cards are still active and can be used for fraudulent purposes.
In addition, it was discovered that compromised card leaks subsequently appeared in other compromised card data marketplaces. It is important to note that this is the second time a large dump of compromised payment card data was shared by the Bidencash group. In late 2022, approximately 1 million compromised cards were shared, allegedly to attract attention and increase its reputation among other cybercriminals.
Law Enforcement utilize ERAD’s cutting-edge solution to identify stolen cards and deconflict relevant data with other Cases from around the country.