Cards pilfered in Target breach for sale in underground markets

Share this article:
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.

Credit and debit cards and CVV codes pilfered by hackers in the holiday Target breach have begun showing up for sale in underground marketplaces at about $20 to $100 per card, according to technology journalist Brian Krebs, who first broke the story of the 40 million card theft.

“There are literally hundreds of these shady stores selling stolen credit and debit cards from virtually every bank and country,” Krebs wrote on Friday. In a follow-up article posted Sunday, Krebs said that non-U.S. cards were fetching an even higher price of about $23 to $135.

Krebs explained that one black marketplace in particular has been selling dumps, which is the information ripped straight from the magnetic stripes of the cards and sold in bulk. The technology journalist said that some dumps contain up to a million accounts.

“Armed with that information, thieves can effectively clone the cards and use them in stores,” Krebs wrote. “If the dumps are from debit cards and the thieves also have access to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the victim's bank account.”

Target announced Thursday that it had become the victim of an attack between Nov. 27 and Dec. 15 that may have compromised approximately 40 million credit and debit cards and CVV codes, as well as customer names.

Officials with the retail giant have yet to confirm exactly how attackers were able to steal the information, but most experts agree that hackers targeted point-of-sale (POS) devices.

On Friday, Gregg Steinhafel, chairman, president and CEO of Target, issued a statement on the retailer's website in which he wrote that Target or the banks will be responsible for fraudulent charges to victims' cards. He added that all affected individuals will be offered free credit monitoring services.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

President signs Executive Order to improve payment security

President signs Executive Order to improve payment security

President Obama signed an Executive Order at the Consumer Financial Protection Bureau calling for enhanced security measures, including microchips and PINs.

Security, tech firm coalition fights Hikit actors, other advanced groups

Security, tech firm coalition fights Hikit actors, other ...

The coalition began as an effort to stop the spread of the Hikit trojan, previously known for targeting U.S. defense contractors.

Phishing email delivers keylogger malware, also takes screenshots

Phishing email delivers keylogger malware, also takes screenshots

The malware has various features, including the ability to start persistently, take screenshots and bypass user access controls.