India-based cybersecurity startup Technisanct has uncovered a series of breached data involving debit and credit card details from top banks in 6 major South East Asian countries a couple of weeks ago.
ore than 300,000 payment card details comprising of expiry dates, PIN and CVV were found for sale in various dark-web forums. Based on the published 1,136 Bank Identification Number (BIN), these cards were issued by major banks in Thailand, Singapore, Malaysia, Indonesia, Vietnam and The Philippines.
The major credit card details leaked online on those forums was found during a research run conducted by the threat analyst team of Technisanct to analyse threats to the financial sector in South East Asian countries.
Technisanct reported that of the 6 countries, the Philippines was the worst hit, with 172,828 cards breached. This was followed by Malaysia and Indonesia with 37,145 and 35,354 cards breached respectively. Details for the other countries are as tabulated below.
|Country||Affected BINs||Breached Cards|
“The results are alarming as it seems no one is aware that such huge volume of payment card details is available in public. Any threat actor can get those card details and cause financial loss to the owners of the payment cards.”
As a follow-up measure, Technisanct have informed the Computer Emergency Response Team (CERT) of the respective countries of this situation via email on 18th February 2020 and provided them with the details. The 1,136 BIN were assessed and the details for 310,669 payment cards such as card number, name of card holder, expiry date, CVV and in some cases PIN were found to have been breached.
Some of the information of banks by the country provided on Technisanct’s press release are as shown below.
The data was dumped by major players like Fresh Stuff, Joker Stash and other regular actors who trade these kinds of data regularly. Sites like Fresh Stuff even provided daily updates with new dumps. The threat team at Technisanct had only assessed a few random sample data set from the dark-web sites and the above could just be a tip of the iceberg. It was unclear if more are to be uncovered.
The data was sold at a price based on their individual bank balance – the higher the bank balance, the higher the price of the card.
Researchers believe that the data may have been collected using the usual phishing methods through malware attack on individuals, fraudulent apps, or Point-of-Sale (POS) credit card terminals.
The use of credit cards should be considered outdated and unsafe in this era of cyberthreats. With online shopping being more prevalent today than it ever was, having to submit your personal data (PIN, CVV etc) over the internet to the servers for processing for any online activity just seems to be an unnecessary risk. It is for this reason that cryptocurrencies like bitcoin and litecoin offer a far safer way of paying for goods and services – both online and offline – as no private information is exposed in the transactions.