The ad for newly-stolen payment card data is eye-popping.
It is complete with atomic explosions, mushroom clouds, Bruce Willis, and the headline:
"BIGBADABOOM-III" BREACH at JOKER's STASH!
This newest database claims to contain more than 30 million records that are brand new, from a nationwide breach. And there's more: it says the stolen credit data comes from people in 40 states and more than 100 countries.
All available, right now, at Joker's Stash.
Joker's Stash is a prominent carding forum on the Dark Web. This is one of many sites where cybercriminals buy and sell stolen credit card numbers.
The price per number varies, depending on the information that comes with it. The highest value records include security codes, names, addresses, dates of birth—everything cybercriminals need to open more credit in your name.
Researchers at Gemini Advisory discovered the "for sale" announcement and say the database of stolen payment information records comes from the Wawa data breach.
"Gemini has determined that the point of compromise for BIGBADABOOM-III is Wawa. Since the breach may have affected over 850 stores and potentially exposed 30 million sets of payment records, it ranks among the largest payment card breaches of 2019, and of all time."
Wawa is a chain of several hundred convenience stores and gas stations in the eastern United States.
It issued a statement this week in response to the carding forum discovery and did not dispute Gemini Advisory's findings.
"Today, we became aware of reports of criminal attempts to sell some customer payment card information potentially involved in the previous Data Security Incident announced by Wawa on December 19, 2019. We have alerted our payment card processor, payment card brands, and card issuers to heighten fraud monitoring activities to help further protect any customer information.
"We continue to work closely with federal law enforcement in connection with their ongoing investigation to determine the scope of the disclosure of Wawa-specific customer payment card data."
When Wawa announced the data breach last month, it laid out the following timeline.
And now we can add another item to the data breach timeline:
Think of carding forums like an eBay for cybercriminals and hackers. Here is a look at the parties typically involved:
For more on the operation of these criminal forums, see our previous story: Hacked Credit Card Numbers: $20M in Fraud from a Single Marketplace.
And like any e-commerce site, Joker's Stash likes publicity.
"Joker's Stash uses the media coverage of major breaches such as these to bolster their credibility as the most notorious vendor of compromised payment cards."
Gemini Advisory says Joker's Stash previously sold hacked credit card data from the Lord & Taylor and Saks Fifth Avenue data breach.