A dark web marketplace called BidenCash has published the details of more than 1.2 million credit cards online.
According to a report by BleepingComputer, the leak included information such as card numbers, expiration dates, CVV numbers, cardholder names, bank names, card types, physical addresses, email addresses, Social Security numbers and phone numbers. This information is enough for cybercriminals to commit financial fraud and identity theft.
A majority of the cards came from the United States, while others were from India, Brazil, United Kingdom, Mexico, Australia, Spain, and China. Some of the cards won’t expire before 2023, while others will remain valid until 2026.
The leak seems to be a promotional campaign by BidenCash for its new shop domains after its original ones suffered a distributed denial of service (DDoS) attack. To ensure a broader reach, the cybercriminals distributed the URLs through a public web domain, as well as various hacking and carding forums.
Dark web credit card dumps like this are usually scams, as others only contain fake data or recycled data from old dumps packaged under a new name. However, cybersecurity firm D3Labs confirmed that roughly 30% of the credit cards are current, meaning around 350,000 cards could still be valid.
To protect your credit card from hackers, always verify the authenticity of the website you're entering your card details into. Also, immediately get in touch with your bank if you see any suspicious transactions, so they can block the card.