Cards pilfered in Target breach for sale in underground markets

Share this article:
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.

Credit and debit cards and CVV codes pilfered by hackers in the holiday Target breach have begun showing up for sale in underground marketplaces at about $20 to $100 per card, according to technology journalist Brian Krebs, who first broke the story of the 40 million card theft.

“There are literally hundreds of these shady stores selling stolen credit and debit cards from virtually every bank and country,” Krebs wrote on Friday. In a follow-up article posted Sunday, Krebs said that non-U.S. cards were fetching an even higher price of about $23 to $135.

Krebs explained that one black marketplace in particular has been selling dumps, which is the information ripped straight from the magnetic stripes of the cards and sold in bulk. The technology journalist said that some dumps contain up to a million accounts.

“Armed with that information, thieves can effectively clone the cards and use them in stores,” Krebs wrote. “If the dumps are from debit cards and the thieves also have access to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the victim's bank account.”

Target announced Thursday that it had become the victim of an attack between Nov. 27 and Dec. 15 that may have compromised approximately 40 million credit and debit cards and CVV codes, as well as customer names.

Officials with the retail giant have yet to confirm exactly how attackers were able to steal the information, but most experts agree that hackers targeted point-of-sale (POS) devices.

On Friday, Gregg Steinhafel, chairman, president and CEO of Target, issued a statement on the retailer's website in which he wrote that Target or the banks will be responsible for fraudulent charges to victims' cards. He added that all affected individuals will be offered free credit monitoring services.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Researchers observe more than a hundred connections to 'Backoff' sinkhole

Researchers with Kaspersky Lab were able to sinkhole two command-and-control servers used by certain Backoff point-of-sale malware samples.

Judge lifts stay but Microsoft won't hand over emails during appeal

A judge has lifted a suspension of a previous order compelling Microsoft to hand over customer emails stored on a server in Ireland.

Home Depot investigates possible payment card breach

Home Depot investigates possible payment card breach

Home Depot said on Tuesday that it is working with its banking partners and law enforcement to investigate a possible data breach.