The latest leak from BidenCash includes payment card credentials in plain text, but unlike the site’s previous leaks, it does not include names or emails of cardholders.
BidenCash, a notorious dark web carding marketplace, has leaked over 1.6 million valid payment card data including debit and credit card details on a notorious Russian language cybercrime and hacking forum- The same forum offered the sale of military satellite access for $15,000 in June 2023.
The overall count of leaked card details stands at 1.9 million (1,912,969). Upon deduplication, the precise figure is reduced to 1.6 million cards (1,169,843), Hackread.com can confirm.
It is worth noting that on March 23, 2023, BidenCash leaked 2 million card data as part of its birthday celebration. The leak included cardholders’ full names, bank details, card numbers, expiration dates, card verification value (CVV) numbers, home addresses, and more than 500,000 email addresses.
This time around, there are no names or email addresses of the card owners involved. Instead, the leaked information consists of the full card number, expiry date, and CVV numbers – All in plain text format.
No Names is Good News
The absence of names in the leaked credit card data is good news for cardholders as it adds a layer of ambiguity and potentially mitigates the severity of the incident. While the compromised information includes sensitive details, the lack of associated names limits the extent to which the leaked data can be directly linked to specific individuals.
Without the inclusion of personal names, the potential for identity theft or targeted fraudulent activities may be reduced. However, it is crucial to note that the leaked financial details alone still pose a significant risk, as cybercriminals can exploit this information for unauthorized transactions and financial harm.
The overall impact of the breach, therefore, depends on the extent to which the compromised credit card details can be effectively exploited without the corresponding personal identifiers.
While the countries to which these cards belong remain unclear, BidenCash is notorious for engaging in large-scale selling and leaking of financial details. This includes a substantial amount of payment card data issued in countries such as the following:
- United States
- United Kingdom
The specific operational details of BidenCash remain uncertain however, carding sites primarily acquire credit card information through diverse means. These methods include the utilization of information-stealing malware, phishing attacks, skimming, and exploiting vulnerabilities in point-of-sale (PoS) systems.
“Our system automatically and in real-time tracks publicly available cards on Telegram channels, Discord chats, and forums to prevent unscrupulous suppliers from using outdated material. If a card sold by us is found publicly available, we impose a fine on the supplier. If a supplier’s materials regularly appear in public, they are blocked. Our unique system, applied only on our platform, reflects our commitment to our reputation. Over the past month, the system has detected over 1,900,000 cards.”BidanCash Website
If you own a debit or credit card, it is crucial to take extra precautions to ensure that your card is not being misused and that its credentials are protected from third parties. Caution is essential, particularly in watching out for phishing scams and malware attacks that target your financial information.
If your card issuer experiences a security breach, the responsibility rests on them to address the situation. However, it is vital to regularly monitor your bank statements and notify your bank of any suspicious transactions. Proactive communication with your financial institution is key to addressing potential issues and enhancing the security of your card information.