ESET, the company in charge of detecting cyberattacks, warns that the data of more than 2 million credit and debit cards from various countries were leaked on the dark web (deep internet).
Filtration affects especially to the US and to a lesser extent to Mexico and China.
According to ESET, on the website BidenCashwhich specializes in trading stolen credit and debit card data, has a free base of 2,165,710 cards.
Between information that is available on the dark web counts card numbers, expiration dates (up to 2052) and security codes.
In addition, also the personal information of people, such as name, surname, email addresses, telephone numbers and addresses.
As mentioned before, the most affected country was the United States, with a total of 966,000 cards involved. Further behind is Mexico, with 97,660 records and, third, China, with 97,002.
Andrea Draghettiresponsible for Intelligence and Threats of d3labITtold Bleeping Computer that although the database has duplicate information, there are more than 2 million records that are unique.
Draghetti also warned that the almost 500,000 emails leaked on the same database are a potential input for cybercriminals specializing in phishing and fraud related to identity theft.
BidenCash is a website that has been operating since the beginning of 2022 and has already used database leaks on other occasions as a strategy to publicize its services.
In October, he made a similar post with a database that had more than 1.1 million cards.
Dark web: companies must strengthen their cybersecurity
With the explosion of online transactions and the increasing use of remote credit and debit cards, the importance of protecting user data has become more critical than ever.
Companies that fail to protect their users’ personal and financial information risk not only losing their trust, but also facing serious legal and financial consequences.
One of the biggest threats to user data is data breaches (like the one discussed in this note).
For the companies, the costs can be lethal. It’s that in addition to the direct costs of compensating affected users and paying legal fees, companies can also suffer serious damage to their long-term reputations.
To protect user data, companies must take a comprehensive approach to cybersecurity.
This includes implementing strong security measures such as encryption, multi-factor authentication, and regular security audits. In addition, you have to ensure that your employees are trained on data protection practices and that all third-party providers with access to user data also follow strict security protocols.
Granny asks for help to make groceries in the Walmart app; Show your list online
WhatsApp tests cryptocurrency payments directly from the app’s chat
These are the new Telegram functions with which it seeks to surpass WhatsApp