Singapore-based cybersecurity company Group-IB has discovered a database containing over 461,976 payment card records on the dark web, of which 98% belong to the Indian banks.
The cards are uploaded on the famous dark web forum Jokers Stash, used by cybercriminals to trade on stolen cards.
Jokers Stash is one of the biggest forums that facilitate the sale of financial data on the dark web.
The website boasts of a database that hosts the most current payment card details obtained through breaches. The accessed database revealed the card numbers, card holders' full names, CVV, expiry date, emails, physical addresses, and phone numbers.
As of Thursday, February 6, 2020, 16 cards were sold for an amount $9 each, and the estimated market value of the database by Group-IB is $4.2 million. An amount much lower than the October hack that resulted in the theft of over 1.3 million cards.
At the time, a card was going for $100. The source of the cards remains unknown.
Group-IB shared the details with (CERT-Ind) and is waiting for their response. The firm reports that this is not the first time they are sharing this kind of information with the Indian Computer Emergency Response Team (CERT-Ind) within the last six months.
All eyes are on the Indian Banking Industry, the investigative authorities, and the steps they intend to take to protect the affected parties.
After the breach last year, the banks said the allegations did not hold water and assured their customers of safety.
This is the second time after the first major incident was reported in October, in which the card dumps were obtained from Point of Sale terminals.
Tap here to join the discussion