Cards pilfered in Target breach for sale in underground markets

Share this article:
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.

Credit and debit cards and CVV codes pilfered by hackers in the holiday Target breach have begun showing up for sale in underground marketplaces at about $20 to $100 per card, according to technology journalist Brian Krebs, who first broke the story of the 40 million card theft.

“There are literally hundreds of these shady stores selling stolen credit and debit cards from virtually every bank and country,” Krebs wrote on Friday. In a follow-up article posted Sunday, Krebs said that non-U.S. cards were fetching an even higher price of about $23 to $135.

Krebs explained that one black marketplace in particular has been selling dumps, which is the information ripped straight from the magnetic stripes of the cards and sold in bulk. The technology journalist said that some dumps contain up to a million accounts.

“Armed with that information, thieves can effectively clone the cards and use them in stores,” Krebs wrote. “If the dumps are from debit cards and the thieves also have access to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the victim's bank account.”

Target announced Thursday that it had become the victim of an attack between Nov. 27 and Dec. 15 that may have compromised approximately 40 million credit and debit cards and CVV codes, as well as customer names.

Officials with the retail giant have yet to confirm exactly how attackers were able to steal the information, but most experts agree that hackers targeted point-of-sale (POS) devices.

On Friday, Gregg Steinhafel, chairman, president and CEO of Target, issued a statement on the retailer's website in which he wrote that Target or the banks will be responsible for fraudulent charges to victims' cards. He added that all affected individuals will be offered free credit monitoring services.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Researcher hacks iPhone 6 Touch ID sensor

Little progress was made security wise, between the iPhone 5S and iPhone 6 sensor, a researcher found.

LEADS Act addresses gov't procedure for requesting data stored abroad

LEADS Act addresses gov't procedure for requesting data ...

Senators introduced the legislation last week as a means of amending the Electronic Communications Privacy Act (ECPA).

Report: Intrustion prevention systems made a comeback in 2013

Report: Intrustion prevention systems made a comeback in ...

A new report indicates that intrusion prevention systems grew 4.2 percent in 2013, with growth predicted to continue.