Millions of Credit Card Numbers Found on the Dark Web for Free

  • By Dawna M. Roberts
  • Aug 18, 2021

 Many data breaches have occurred over the past few years, and as a result, there is a treasure trove of stolen personal information out there belonging to innocent victims. Now, millions of stolen credit card numbers have appeared on the dark web for free.

What Happened?

In an effort to build traffic on the dark web to AllWorld.Cards, hackers have posted millions of credit card numbers purportedly for free to anyone who wants to download them.

Threatpost reported this week that “Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials.”

Threat researchers at Cyble first discovered the cache of stolen cards. This past weekend, they published a notice on their blog stating that they discovered the cards during “routine monitoring of cybercrime and Dark Web marketplaces.” These particular cards were stolen sometime during 2018 and 2019 and published on a new and upcoming cybercriminal marketplace called AllWorld.Cards.

According to the hackers offering the cards, the database of information contained credit card numbers, expiration dates, CVV, owner’s name, address, city, state, country, and zip code. They also include the user’s email address and phone number.

In its post, Cyble states that “Our analysis suggests that this market has been around since May 2021 and is available on a Tor channel as well.”

The actual message was pulled from the AllWord.Cards site is as follows:

We publish 1,000,000 bank cards to the public.
Walid is about 20%. All material from 2018-2019.
Fields: CCNumber Exp CVV Name Country State City Address Zip EmailPhone.
Promotion of unprecedented generosity from the store AllWords.Cards.

The list of cards comes from many different countries. The threat actors claim that at least 27% are still active, but it is unclear if that is true. It would seem that most victims would have canceled the cards by now and replaced them.

According to Threatpost, “However, according to D3 Lab’s own analysis—which involved sending the credit-card numbers to client banks “to carry out the appropriate mitigation actions” — researchers found that closer to 50 percent of the cards are “still operational, not yet identified as compromised,” they said.”

They also included a breakdown of countries where the cards were stolen:

“Cyble posted a list of the top 500 banks affected by the leak of stolen credit cards in descending order. Of the banks, 72,937 of the cards were associated with the State Bank of India; 38,010 with Banco Santander (Brazil); 30480 with a U.S. bank based in Ohio called Sutton Bank; 27,441 with JP Morgan Chase Bank N.A.; and 24,307 with BBVA Bancomer S.A., a bank based in Mexico.”

Credit card numbers appear on dark web

Some of the Ways Credit Card Numbers are Stolen

Organized crime has got deep pockets when it comes to stolen information. Some of the ways these hacker gangs snag credit cards are through.

  • Man-in-the-middle attacks.
  • Card skimmers at gas stations, ATMs, and POS terminals. 
  • Malware on website shopping carts.
  • Magecart attacks.
  • Infostealing malware on the user’s machine.

Tips For Credit Card Holders to Stay Safe

Some tips from Cyble on protecting cardholders include:

  • “Never share your personal information, including financial information, over the phone, email, or SMS messages.     
  • Use tough-to-guess passwords besides implementing multi-factor authentication.     
  • Make it a habit to keep a watch on your financial transactions, and if you notice any suspicious activity, contact your bank immediately.     
  • Turn on the automatic software update feature on your computer, mobile, and other connected devices wherever possible and pragmatic. 
  • Never open untrusted links and email attachments without verifying their authenticity.”
About the Author
IDStrong Logo

Related Articles

Instagram Vulnerability Allowed Hackers Access to Control Your Phone

Security experts Check Point Research discovered a critical vulnerability while examining Instagra ... Read More

Alien Malware Infects More than 226 Mobile Apps and Steals Bank Data

As reported on September 24, 2020, by ZDNet and ThreatPost, a new strain of malware named “A ... Read More

Universal Health Systems Hit by Ransomware Attack

Universal Health Systems (UHS), a Fortune 500 company owning more than 400 hospitals across the co ... Read More

Exchange Server Bug Exposes a Big Risk to Hackers

Months after Microsoft released a patch to fix a serious flaw in MS Exchange Server, more than 61% ... Read More

Clients’ Bank Data Exposed in Blackbaud Ransomware Attack

Blackbaud software was victim to a ransomware attack last May, and new information suggests that c ... Read More

Latest Articles

Cementitious Vendor—CGM—Network Compromised by 315k Data Breach

Cementitious Vendor—CGM—Network Compromised by 315k Data Breach

Based in Philadelphia, Pennsylvania, CGM is a nationwide cementitious vendor for industries and construction projects. They are a leader in manufacturing, labeling, and distributing custom cement and patching products.

Chattanooga Heart Institute Updates on 2023 Network Cyber Attack

Chattanooga Heart Institute Updates on 2023 Network Cyber Attack

Patients with cardiovascular issues may appear in one of the Chattanooga Heart Institute (CHI) facilities in Tennessee and Georgia.

Oklahoma’s Largest Non-Profit Health System Breached; 2.3 Million Exposures

Oklahoma’s Largest Non-Profit Health System Breached; 2.3 Million Exposures

INTEGRIS Health is the largest non-profit healthcare network in Oklahoma and surrounding regions. The network includes medical and surgical centers, hospitals, emergency rooms, hospice options, addiction recovery programs, and a holistic approach to health and wellness.

Featured Articles

How to Buy a House with Bad Credit

How to Buy a House with Bad Credit

Buying your own home is the American Dream, but it might seem out of reach to those with bad credit. However, the good news is, if your credit is less than perfect, you do still have options and in most cases, can still buy a home.

How Secure Is Your Password? Tips to Improve Your Password Security

How Secure Is Your Password? Tips to Improve Your Password Security

Any good IT article on computers and network security will address the importance of strong, secure passwords. However, the challenge of good passwords is that most people have a hard time remembering them, so they use simple or obvious ones that pose a security risk.

Top 10 Senior Scams and How to Prevent Them

Top 10 Senior Scams and How to Prevent Them

Senior scams are becoming a major epidemic for two reasons. First, seniors often have a lot of money in the bank from a life of working hard and saving.

Free Identity Exposure Scan
Instantly and Securely Check if Your Personal Information is Exposed on the Dark Web or Sold by Data Brokers
Please enter first name
Please enter last name
Please select a state
Free Identity Threat Scan
Instantly Check if Your Personal Information is Exposed
All fields below are required
Please enter first name
Please enter last name
Please enter a city
Please select a state
Please enter an age
Please enter an email address