Gemini Advisory – Page 3 – WindowsTechs.com

Wawa Breach May Have Compromised More Than 30 Million Payment Cards

Posted on January 28, 2020 by BrianKrebs

In late December 2019, fuel and convenience store chain Wawa Inc. said a nine-month-long breach of its payment card processing systems may have led to the theft of card data from customers who visited any of its 850 locations nationwide. Now, fraud experts say the first batch of card data stolen from Wawa customers is being sold at one of the underground’s most popular crime shops, which claims to have 30 million records to peddle from a new nationwide breach. Continue reading Wawa Breach May Have Compromised More Than 30 Million Payment Cards→

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Posted on November 26, 2019 by BrianKrebs

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest bat… Continue reading Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains→

Takeaways from the $566M BriansClub Breach

Posted on October 29, 2019 by BrianKrebs

Reporting on the exposure of some 26 million stolen credit cards leaked from a top underground cybercrime store highlighted some persistent and hard truths. Most notably, that the world’s largest financial institutions tend to have a much better idea of which merchants and bank cards have been breached than do the thousands of smaller banks and credit unions across the United States. Also, a great deal of cybercrime seems to be perpetrated by a relatively small number of people. Continue reading Takeaways from the $566M BriansClub Breach→

Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft

Posted on October 29, 2019 by Jeff Stone

A database containing roughly 1.3 million credit and debit card numbers belonging primarily to Indian bank customers was uploaded this week to Joker’s Stash, an online market specializing in stolen personal data, according to new findings by security researchers. Group-IB, in a statement e-mailed Tuesday to CyberScoop, said the database was uploaded Oct. 28, and is worth more than $130 million, the equivalent value of roughly one dollar per record. Ninety-eight percent of the files belong to Indian banks, while 1% originate with a Colombian entity. Group-IB did not name any of the banks affected, victims included in the database or speculate on who may have uploaded the information. This addition of credit card information came just days after researchers determined that Joker’s Stash is growing. Over its four-year lifespan, the illicit card shop has become a dumping ground for financial information stolen from organizations like Hy-Vee, Sonic Drive-In and others. Now, […]

The post Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft appeared first on CyberScoop.

Continue reading Scammers just posted 1.3 million payment card numbers on Joker’s Stash, a market for ID theft→

“BriansClub” Hack Rescues 26M Stolen Cards

Posted on October 15, 2019 by BrianKrebs

“BriansClub,” a popular underground store for buying stolen credit card data that uses Yours Truly’s likeness in its advertising, has itself been hacked. The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone. Continue reading “BriansClub” Hack Rescues 26M Stolen Cards→

Data: E-Retail Hacks More Lucrative Than Ever

Posted on April 30, 2019 by BrianKrebs

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incentive than ever to target e-commerce stores. Continue reading Data: E-Retail Hacks More Lucrative Than Ever→

Latest Pakistan bank-card fraud looks like an actual breach, researchers say

Posted on March 8, 2019 by Joe Warminsky

A spike in payment-card fraud in Pakistan over the past six months now appears to involve a possible breach of at least one bank’s internal systems, according to researchers with New York-based threat intelligence company Gemini Advisory. Previous reports — including research by Moscow-based cybersecurity company Group-IB — had noted two major dumps of Pakistani payment-card data on the dark web market Joker’s Stash in October and November, as well as further sales in January of this year. Gemini Advisory says it now appears that the card-information dumps point to a more aggressive level of hacking beyond point-of-sale attacks. “While fraudsters generally acquire card and PIN data with card skimmers and cameras or overlays, the January 24 and January 30, 2019 breach included such data in large quantities pertaining to a single bank – Meezan Bank Ltd.,” Gemini Advisory says. “Gemini analysts therefore assess with moderate confidence that the compromised records posted […]

The post Latest Pakistan bank-card fraud looks like an actual breach, researchers say appeared first on CyberScoop.

Continue reading Latest Pakistan bank-card fraud looks like an actual breach, researchers say→