Hackers are putting the payment card information of more than 30 million Americans and more than a million foreigners up for sale on the world's largest card fraud forum, Joker. 39; s Stash. The latest "card dump" was listed as BIGBADABOOM-III in Joker's Stash, but security experts at Gemini Advisory have traced the stolen card data back to the chain of stores. near Wawa In December, Wawa disclosed a major security breach in which the company admitted that hackers had installed malware on its point-of-sale (POS) systems. According to the company, the malware collected card details for all of its customers who used credit or debit cards to purchase merchandise or gasoline at all of its 860 convenience stores. To make matters worse, the malware ran for months between March and December of last year before it was finally removed from Wawa's systems.
Card details for sale
Due to the lengthy infection period and the compromise of hundreds of different locations, the attackers behind the breach were able to collect quite a large cache of payment card details. In a blog post on its site, Gemini Advisory provided additional context on the scope of the Wawa data breach, saying: "Given that the breach may have affected more than 850 stores and potentially exposed 30 million sets of payment records, ranks among the largest payment card breaches of 2019 and of all time, comparable to the 2014 Home Depot breach exposing 50 million customer data or the 2013 Target breach exposing 40 million payment card data sets Joker's Stash has uploaded images of several major breaches in the past." Following the publication of the Gemini Advisory report, Wawa issued its own press release stating that the company is aware that customer card data is now available for sale online. The convenience store chain did not dispute the accuracy of the report, effectively confirming that the latest dump of Joker's Stash card came from its systems. According to Gemini Advisory, details of US-issued cards from the Wawa data breach are selling on the site for just €17 per card, while international cards are much more expensive at €210 per card. via ZDNet