Threat Management, Identity

BidenCash card shop leaks 2 million payment card records

Several credit cards and coins are seen

A carding marketplace known as BidenCash leaked over 2 million payment card records on a top tier dark net for free in celebration of its first anniversary. 

According to the Cyble researchers who first disclosed it, the leaked information is massive, with at least 740,858 credit cards, 811,676 debit cards, and 293 charge cards being published on the well-known Russian-speaking dark web forum XSS.  

The leak data included sensitive information, including payment card numbers, expiration dates, and CVV codes, with the card expiration dates going from early 2023 to 2052.  

While there may be limited mileage on the cards approaching expiration, Cyble researchers warned that "threat actors have been known to purchase expired payment cards to gain more information on potential victims."  

Nearly 70% of the cards belong to victims based in the U.S., while around 10% are based in China and Mexico, Cyble added.  

Operating for just a year, BidenCash has made its name as one of the top carding marketplaces by releasing details of millions of victims' personal and financial information for free. Earlier in June and October 2022, it released the details of 7.9 million personal information and 1.2 million compromised payment cards, respectively.  

Threat intel firm Flashpoint said that given that a typical release among carding marketplaces is approximately 40,000 stolen credit cards, BidenCash's release marks one of the largest observed over the past year.  

"Like any offering of free samples, the goal is to attract new customers to the storefront," Flashpoint noted in a blog post.  

BidenCash advertised the leak on top tier underground forum (Image credit: Cyble)  

"We are thrilled to have reached our first year anniversary as an online store, and we couldn't have done it without your support! Thank you for choosing our store and for trusting us to provide you with quality products and excellent service," BidenCash said in the announcement. "We are proud to have you as a customer, and we look forward to continuing to serve you in the coming years. Your loyalty and trust are what motivate us to keep improving and growing our business."  

Carding marketplaces are dark web sites that trade stolen credit card information, enabling threat actors to commit financial fraud with the stolen data. According to newly released Federal Trade Commission data, credit card fraud has emerged as the most frequently reported type of identity theft in 2022, with FTC receiving 441,882 reports from people who claimed that their credit information had been misused. The Nilson Report, which monitors the payment industry, released a forecast last week, predicting that U.S. losses from card fraud will total $165.1 billion over the next ten 10 years. 

Chase Bank in the U.S. is mostly impacted by the release, followed by Bank of American and Well Fargo Bank.  

Top ten most impacted banks (Image credit: Cyble) 
Menghan Xiao

Menghan Xiao is a cybersecurity reporter at SC Media, covering software supply chain security, workforce/business, and threat intelligence. Before SC Media, Xiao studied journalism at Northwestern University, where she received a merit-based scholarship from Medill and Jack Modzelewski Scholarship Fund.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.