Inside the Black Market That Buys and Sells Target’s Stolen Credit Cards

The amount of information crooks can seize at shady online card-purchasing shops is terrifying.

Battleground: It's all in the cards.
National Journal
Dustin Volz
Add to Briefcase
Dustin Volz
Dec. 20, 2013, 9:17 a.m.

The mass theft of cred­it-card data has spawned an un­der­ground black mar­ket where huge stacks of those cards are be­ing pur­chased by iden­tity thieves.

This black mar­ket is in the spot­light thanks to a new ex­pose from Bri­an Krebs, the same blog­ger who broke the story earli­er this week that Tar­get was in­vest­ig­at­ing a data breach of mil­lions of cred­it- and deb­it-card ac­counts.

Krebs ex­plains that a large bank knew Tar­get had been breached after it went and bought “a huge chunk of the bank’s card ac­counts from a well-known ‘card shop’ — an on­line store ad­vert­ised in cy­ber­crime for­ums as a place where thieves can re­li­ably buy stolen cred­it and deb­it cards.” He con­tin­ues:

There are lit­er­ally hun­dreds of these shady stores selling stolen cred­it and deb­it cards from vir­tu­ally every bank and coun­try. But this store has earned a spe­cial repu­ta­tion for selling qual­ity “dumps,” data stolen from the mag­net­ic stripe on the backs of cred­it and deb­it cards. Armed with that in­form­a­tion, thieves can ef­fect­ively clone the cards and use them in stores. If the dumps are from deb­it cards and the thieves also have ac­cess to the PINs for those cards, they can use the cloned cards at ATMs to pull cash out of the vic­tim’s bank ac­count.

Tar­get con­firmed on Thursday that 40 mil­lion cards had been stolen in a na­tion­wide data breach span­ning from Nov. 27 to Dec. 15. Fol­low­ing the an­nounce­ment, Krebs reached out to a small com­munity bank in New Eng­land to see if it knew which of its cards had been stolen.

Krebs teamed up with the bank’s fraud team to fig­ure out which of its cards might be at risk for fraud giv­en that “the tiny bank had not yet heard any­thing from the card as spe­cif­ic cards that might have been com­prom­ised as a res­ult of the Tar­get breach,” des­pite the fact that al­most 6,000 of the cards is­sued had been used in Tar­get stores around the coun­try. He began search­ing through a black-mar­ket card site and went shop­ping. What he found is noth­ing short of ter­ri­fy­ing.

Some high­lights:

Like oth­er card shops, this store al­lows cus­tom­ers to search for avail­able cards us­ing a num­ber of qual­i­fic­a­tions, in­clud­ing BIN; dozens of card types (Mas­ter­Card, Visa, et. al.); ex­pir­a­tion date; track type; coun­try; and the name of the fin­an­cial in­sti­tu­tion that is­sued the card….

An­oth­er fas­cin­at­ing fea­ture of this card shop is that it ap­pears to in­clude the ZIP code and city of the store from which the cards were stolen. One fraud ex­pert I spoke with who asked to re­main an­onym­ous said this in­form­a­tion is in­cluded to help fraud­sters pur­chas­ing the dumps make same-state pur­chases, thus avoid­ing any knee-jerk fraud de­fenses in which a fin­an­cial in­sti­tu­tion might block trans­ac­tions out-of-state from a known com­prom­ised card.

Krebs also notes that the store doesn’t let its cus­tom­ers buy up cards with their own cred­it cards. In­stead, thieves must use vir­tu­al cur­ren­cies like Bit­coin or wire trans­fers like West­ern Uni­on to com­plete a trans­ac­tion.

What We're Following See More »
SOUND LEVEL AFFECTED
Debate Commission Admits Issues with Trump’s Mic
24 minutes ago
THE LATEST

The Commission on Presidential Debates put out a statement today that gives credence to Donald Trump's claims that he had a bad microphone on Monday night. "Regarding the first debate, there were issues regarding Donald Trump's audio that affected the sound level in the debate hall," read the statement in its entirety.

Source:
TRUMP VS. CHEFS
Trump Deposition Video to Be Released
40 minutes ago
THE LATEST

"A video of Donald Trump testifying under oath about his provocative rhetoric about Mexicans and other Latinos is set to go public" as soon as today. "Trump gave the testimony in June at a law office in Washington in connection with one of two lawsuits he filed last year after prominent chefs reacted to the controversy over his remarks by pulling out of plans to open restaurants at his new D.C. hotel. D.C. Superior Court Judge Brian Holeman said in an order issued Thursday evening that fears the testimony might show up in campaign commercials were no basis to keep the public from seeing the video."

Source:
A CANDIDATE TO BE ‘PROUD’ OF
Chicago Tribune Endorses Gary Johnson
3 hours ago
THE LATEST

No matter that his recall of foreign leaders leaves something to be desired, Gary Johnson is the choice of the Chicago Tribune's editorial board. The editors argue that Donald Trump couldn't do the job of president, while hitting Hillary Clinton for "her intent to greatly increase federal spending and taxation, and serious questions about honesty and trust." Which leaves them with Johnson. "Every American who casts a vote for him is standing for principles," they write, "and can be proud of that vote. Yes, proud of a candidate in 2016."

FUNERAL FOR ISRAELI LEADER
Obama Compares Peres to ‘Giants of the 20th Century’
4 hours ago
THE DETAILS

Speaking at the funeral of former Israeli Prime Minister Shimon Peres, President Obama "compared Peres to 'other giants of the 20th century' such as Nelson Mandela and Queen Elizabeth who 'find no need to posture or traffic in what's popular in the moment.'" Among the 6,000 mourners at the service was Palestinian President Mahmoud Abbas. Obama called Abbas's presence a sign of the "unfinished business of peace" in the region.

Source:
THE QUESTION
How Many New Voters Does the Clinton Campaign Aim to Register?
4 hours ago
THE ANSWER

Three million—a number that lays "bare the significant gap between Donald Trump’s bare-bones operation and the field program that Clinton and her hundreds of aides have been building for some 17 months."

Source:
×