Inside the Black Market That Buys and Sells Target’s Stolen Credit Cards

The amount of information crooks can seize at shady online card-purchasing shops is terrifying.

Battleground: It's all in the cards.
National Journal
Dustin Volz
Dec. 20, 2013, 9:17 a.m.

The mass theft of cred­it-card data has spawned an un­der­ground black mar­ket where huge stacks of those cards are be­ing pur­chased by iden­tity thieves.

This black mar­ket is in the spot­light thanks to a new ex­pose from Bri­an Krebs, the same blog­ger who broke the story earli­er this week that Tar­get was in­vest­ig­at­ing a data breach of mil­lions of cred­it- and deb­it-card ac­counts.

Krebs ex­plains that a large bank knew Tar­get had been breached after it went and bought “a huge chunk of the bank’s card ac­counts from a well-known ‘card shop’ — an on­line store ad­vert­ised in cy­ber­crime for­ums as a place where thieves can re­li­ably buy stolen cred­it and deb­it cards.” He con­tin­ues:

There are lit­er­ally hun­dreds of these shady stores selling stolen cred­it and deb­it cards from vir­tu­ally every bank and coun­try. But this store has earned a spe­cial repu­ta­tion for selling qual­ity “dumps,” data stolen from the mag­net­ic stripe on the backs of cred­it and deb­it cards. Armed with that in­form­a­tion, thieves can ef­fect­ively clone the cards and use them in stores. If the dumps are from deb­it cards and the thieves also have ac­cess to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the vic­tim’s bank ac­count.

Tar­get con­firmed on Thursday that 40 mil­lion cards had been stolen in a na­tion­wide data breach span­ning from Nov. 27 to Dec. 15. Fol­low­ing the an­nounce­ment, Krebs reached out to a small com­munity bank in New Eng­land to see if it knew which of its cards had been stolen.

Krebs teamed up with the bank’s fraud team to fig­ure out which of its cards might be at risk for fraud giv­en that “the tiny bank had not yet heard any­thing from the card as spe­cif­ic cards that might have been com­prom­ised as a res­ult of the Tar­get breach,” des­pite the fact that al­most 6,000 of the cards is­sued had been used in Tar­get stores around the coun­try. He began search­ing through a black-mar­ket card site and went shop­ping. What he found is noth­ing short of ter­ri­fy­ing.

Some high­lights:

Like oth­er card shops, this store al­lows cus­tom­ers to search for avail­able cards us­ing a num­ber of qual­i­fic­a­tions, in­clud­ing BIN; dozens of card types (Mas­ter­Card, Visa, et. al.); ex­pir­a­tion date; track type; coun­try; and the name of the fin­an­cial in­sti­tu­tion that is­sued the card….

An­oth­er fas­cin­at­ing fea­ture of this card shop is that it ap­pears to in­clude the ZIP code and city of the store from which the cards were stolen. One fraud ex­pert I spoke with who asked to re­main an­onym­ous said this in­form­a­tion is in­cluded to help fraud­sters pur­chas­ing the dumps make same-state pur­chases, thus avoid­ing any knee-jerk fraud de­fenses in which a fin­an­cial in­sti­tu­tion might block trans­ac­tions out-of-state from a known com­prom­ised card.

Krebs also notes that the store doesn’t let its cus­tom­ers buy up cards with their own cred­it cards. In­stead, thieves must use vir­tu­al cur­ren­cies like Bit­coin or wire trans­fers like West­ern Uni­on to com­plete a trans­ac­tion.

What We're Following See More »
SANDERS UP TEN POINTS
Trump Leads Tightly Packed Group Vying for Second
2 hours ago
THE LATEST

In one of the last surveys before New Hampshirites actually vote, a Monmouth poll has Donald Trump with a big edge on the Republican field. His 30% leads a cluster of rivals in the low-to-mid teens, including John Kasich (14%), Jeb Bush and Marco Rubio (13% each) and Ted Cruz (12%). On the Democratic side, Bernie Sanders leads Hillary Clinton 52%-42%.

Source:
×