Financial data of more than 9 million cardholders leaked, including from SBI: Investigators

Cybersecurity researchers on Wednesday said they discovered a massive leak involving the financial data of more than nine million cardholders, including customers of the State Bank of India (SBI).



The Threat Intelligence team at the AI-driven CloudSEK, headquartered in Singapore, discovered a threat actor advertising a database of 1.2 million cards for free on a Russian-speaking Dark Web cybercrime forum.

This followed another incident where 7.9 million cardholder details were advertised on the BidenCash website.

Contrary to previous records, this time the hackers released sensitive personally identifiable information (PII), such as SSN, card details and CVV, the team revealed.

“State Bank of India, Fiserv Solutions LLC and American Express were some of the major banking institutions affected. Approximately 508,000 debit cards were breached with 414,000 records of Visa payment network followed by Mastercard,” the security researchers said.

Most of the personal emails related to the card details were made public. Other official email records were found related to SoftBank, Bank of Singapore and World Bank of the earlier data breach by BidenCash.

“Marketplaces like BidenCash often pop up where the threat actors trade sensitive card data for card and clone services. While the modern security mechanisms can minimize the impact, threat actors regularly check to deploy new methods to circumvent them,” he said. Rishika DesaiCyber ​​Threat Researcher- CloudSEK.

Leaked PII could allow threat actors to orchestrate social engineering schemes, phishing attacks and even identity theft.

“Exposed card data could be used by them to carry out attacks such as card smuggling, card cloning and unauthenticated transactions to facilitate illegal purchases,” researchers said.

The motivation behind these data breaches was to get more visitors to their website and build a reputation.

The BidenCash Forum became active in early February 2022. Post that the threat actor resorted to various ways to get traffic to his website, such as spamming comments on websites.

“On a personal level, trying to track your card transactions and being aware of malicious sites that lure many can help to a greater extent. As the BidenCash group tries to gain popularity through various measures, leaking card data is motivating other groups to follow the same steps,” Desai noted.

ALSO SEE:

One-year-old fitness startup by IIT graduates raises $3.4M in BYJU’s seed funding consolidates Indian operations, 5% workforce is ‘rationalised’ into teams