Half a million Indian debit, credit card records up for sale on Dark Web

A Singapore-based cybersecurity company has detected a fresh database of credit and debit cards issued by Indian banks available for sale on the Dark Web. This database includes payment records of 461,976 cards, 98 per cent of which were from the "biggest Indian banks".

"On February 5, a new database under the name "INDIA-BIG-MIX" (full name: [CC] INDIA-BIG-MIX (FRESH SNIFFED CVV) INDIA/EU/WORLD MIX, HIGH VALID 80-85%, uploaded 2020-02-05 (NON-REFUNDABLE BASE) went on sale on the Joker's Stash - one of the most popular underground cardshops," Group-IB said.

ALSO READ: SBI Cards IPO likely to hit market in current quarter, says Rajnish Kumar

The latest database of payments cards is valued at $4.2 million in the underground market, each card being sold for $9 apiece, said cybersecurity firm Group-IB in a statement. So far 16 cards have been sold, it added. The company said it has informed the Indian Computer Emergency Response Team (CERT-In) about the leaked payment card details.

The records on sale include exposed card numbers, expiration dates, CVV/CVC codes, and even additional information such as cardholders' full name, as well as their emails, phone numbers and addresses.

This is the second instance of Indian cardholders' details being put up for sale on Joker's Stash that has been detected by Group-IB. In October 2019, the firm found a database of 1.3 million credit and debit card records of mostly Indian banks' customers uploaded to the Dark Web cardshop.

ALSO READ: RBI allows users to enable, disable credit, debit cards; modify usage limit

"The last case was registered in October last year, where information in the magnetic strips of payment cards, or card dumps, were put up for sale. This time around, the nature of data available indicates that the data was compromised during online transactions," said Dmitry Shestakov, Head of Group-IB Cybercrime research unit.

"In the current case, we are dealing with so-called fullz - they have info on card number, expiration date, CVV/CVC, cardholder name as well as some extra personal info. Such type of data is likely to have been compromised online - with the use of phishing, malware, or JS-sniffers - while in the previous case, we dealt with card dumps (the information contained in the card magnetic stripe), which can be stolen through the compromise of offline POS terminals, for example," Shestakov added.

ALSO READ: SBI Cards IPO: 5 things to know about upcoming IPO