Cards pilfered in Target breach for sale in underground markets

Share this article:
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.
Credit and debit cards stolen by hackers in the breach started turning up in online marketplaces.

Credit and debit cards and CVV codes pilfered by hackers in the holiday Target breach have begun showing up for sale in underground marketplaces at about $20 to $100 per card, according to technology journalist Brian Krebs, who first broke the story of the 40 million card theft.

“There are literally hundreds of these shady stores selling stolen credit and debit cards from virtually every bank and country,” Krebs wrote on Friday. In a follow-up article posted Sunday, Krebs said that non-U.S. cards were fetching an even higher price of about $23 to $135.

Krebs explained that one black marketplace in particular has been selling dumps, which is the information ripped straight from the magnetic stripes of the cards and sold in bulk. The technology journalist said that some dumps contain up to a million accounts.

“Armed with that information, thieves can effectively clone the cards and use them in stores,” Krebs wrote. “If the dumps are from debit cards and the thieves also have access to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the victim's bank account.”

Target announced Thursday that it had become the victim of an attack between Nov. 27 and Dec. 15 that may have compromised approximately 40 million credit and debit cards and CVV codes, as well as customer names.

Officials with the retail giant have yet to confirm exactly how attackers were able to steal the information, but most experts agree that hackers targeted point-of-sale (POS) devices.

On Friday, Gregg Steinhafel, chairman, president and CEO of Target, issued a statement on the retailer's website in which he wrote that Target or the banks will be responsible for fraudulent charges to victims' cards. He added that all affected individuals will be offered free credit monitoring services.

Share this article:

Sign up to our newsletters

More in News

Hackers target video game companies to lift copy protections and develop cheats

A threat group is targeting video game companies in order to lift DRM protections, develop cheats and possibly to steal source code.

Android malware spreads via mail tracking SMS spam

The mobile malware is currently targeting German users, McAfee revealed.

About 2,800 victims of worldwide info-stealing campaign targeting various sectors

About 2,800 victims of worldwide info-stealing campaign targeting ...

Unknown attackers have claimed about 2,800 victims in an ongoing information-stealing campaign identified by Kaspersky Lab as "Crouching Yeti."