Researchers from Gemini Advisory have found out that over one million South Korean payment cards have been put up for sale on the dark web since May 29, 2019.
What happened?
South Korea has become the latest major victim of Card Present (CP) data theft after details of over one million payment cards have been made available online. According to Gemini Advisory, 230,000 records were put up for sale in June 2019, and 890,000 records in July 2019.
However, the source of these payment card details has not yet been identified yet. Since the payment card records contained only CP (Card Present) details, this automatically rules out web-based skimmers (Magecart scripts) installed on online stores.
Other possible sources include:
“While the exact compromised point of purchase (CPP) remains unclear, these records may have been obtained from the breach of a parent company that operates several different businesses in a variety of locations. It is also possible that a point-of-sale (POS) integrator was breached, allowing a threat actor access to a single integrator service that interfaces with many merchants,” researchers said.
Key Findings
“The median price per record from this spike is $40 USD, which is significantly higher than the median price of South Korean CP records across the dark web overall, which is approximately $24 USD,” Gemini Advisory said.
Publisher