Stolen Credit Cards Found in Briansclub Files 

KrebsOnSecurity was sent a link in September that provided access to files containing stolen credit card data — 26 million cards stolen over four years from numerous businesses both online and brick-and-mortar – held by hackers. brians club, an underground carding store that specializes in selling stolen payment card details for use in card-present or card-not present fraud at retail locations or ecommerce websites.

How It Happened

Credit cards are an extremely valuable commodity in cybercriminal circles. Sold on underground markets, credit cards can net criminals up to $500 for each card they sell – so law enforcement needs to monitor card sales and identify those behind them; which Briansclub Dealer did allegedly when selling over 26 million stolen credit and debit card records on its site.

Security researcher Brian Krebs recently received from an anonymous source a nearly 10 GB set of files containing stolen card data from hundreds, possibly thousands, of stores across the U.S. in four years hacked over that timeframe. According to Krebs’ source, these files came from BriansClub – an underground carding shop which uses this author’s name, likeness, and reputation in its advertising – an underground “carding” store using him as its advertisement since 2015. Krebs said this data came from thousands of hacked retailers across both online and brick-and-mortar retailers across U.S. retailers alike

Krebs reports that BriansClub’s hack enabled him to report an astounding $126 million sale of over 26 million stolen card records sold for sale, many of them still valid cards that were likely still valid when taken. Krebs states these stolen records were likely sold off to other crooks who specialize in breaking payment systems for profit; then these criminals sold the cards underground market and used them in various crimes including fraud.

Hackers who purchased stolen card data from BriansClub reportedly shared it with multiple sources within financial institutions in order to identify, monitor or reissue compromised cards being sold on the black market. This development should help reduce credit card fraud by giving banks more time and ability to act quickly when alerts arrive about cards that have fallen into criminal hands.

KrebsOnSecurity confirmed with sources at various financial institutions that some cards sold on BriansClub had been reported by employers to their credit card providers, leading them to cancel the cards in question. A source at a small financial institution estimated that many of their cards had ended up there before receiving alerts from Visa and MasterCard.

What We Know So Far

The Briansclub Security Incident was one of the largest data breaches ever. A cyber attack took place against a website dedicated to selling stolen credit card data; hackers gained entry and removed millions of records which were then sold on underground markets – serving as a stark reminder that sensitive data must always remain protected against cyberattack.

Criminals specializing in breaching payment card systems for profit both online and in physical stores suffered a setback with this breach; however, their crimes won’t end here and likely there will be further attacks in the near future.

KrebsOnSecurity reported that hackers breached an underground web “carding store,” known as BriansClub, specializing in selling stolen credit and debit card details to third parties for profit. They made off with 26 million cards by uploading it onto a black market website modeled after cybersecurity researcher Brian Krebs’ website using his name and likeness as marketing, known to “resell” or resell stolen card data with commission on sales from each card sold.

This website serves as a hub for illegally acquired financial data, including stolen credit card numbers, CVV2 codes and Fullz info. As a result, it facilitates various forms of fraud which has contributed to identity theft as well as financial loss for both individuals and businesses alike.

No one knows for certain who hacked BriansClub, but it appears to have been perpetrated by an individual or group that managed to retrieve stolen data and return it safely – something banks can use as part of proactive fraud mitigation strategies.

According to data published recently on Gemini blog post, BriansClub has sold 9.1 million stolen cards since 2015 and made $126 Million worth of bitcoins during this time. As one of many sites offering stolen card data to hackers for purchase, its popularity among cybercrime underground can easily be understood.

Notably, BriansClub customers remain extremely loyal despite this breach due to its prompt and open response which fostered transparency and communication with affected customers.

What Can Be Done About It

Briansclub cm’s stolen data serves as a timely reminder that no business, large or small, is exempt from cyber attacks. Businesses must proactively work on strengthening their security tools, invest in multi-factor authentication solutions, train employees on cybersecurity best practices and regularly patch and update systems so hackers are not exploited through known vulnerabilities.

The Briansclub cm hack demonstrates the many methods hackers have available for them to obtain credit card data, and how easily criminals use this stolen data for fraudulent activity. One method involves taking credit cards directly from point-of-sale machines within stores while the other involves hackers breaking into online shopping carts in order to steal credit card data entered at checkout time by customers; card-not-present fraud is becoming an increasing risk among businesses that sell products online.

Hackers with stolen credit card data can then sell it on to other criminals in a process known as “carding,” who can then use this stolen information to make fraudulent purchases at online or physical retailers using this stolen card data – the hacked Briansclub site offered over 26 million stolen records for sale!

No exact numbers exist on how many stolen credit and debit cards still validly function, but approximately 14 million could potentially be used for fraud. Data obtained included card numbers, expiration dates and CVV codes which could potentially allow criminals to commit various types of scams using this stolen information.

Security experts believe the data gleaned from Briansclub could cause disruptions to the underground carding marketplace, since it served as a major source for stolen credit card data. Furthermore, its proprietors are suspected of selling this stolen information to other criminals for a commission fee on each sale.

Briansclub cm responded quickly and was transparent throughout this incident, which helped build trust with their customers by showing they take security seriously. To further safeguard customer data moving forward, additional security protocols were put into place by Briansclub cm.

Final Words

Briansclub was one of the leading black market sites dealing in stolen credit card data when it was compromised earlier this month, wiping out over 26 million payment cards and defacing its reputation as an online store. Security journalist Brian Krebs reported that an anonymous source provided them with what appeared to be an archive of cards for sale – both currently and historically – on Briansclub, as well as information stolen from physical stores over four years and eight million records uploaded this year alone.

Card dumping sites sell previously stolen data to other cybercriminals who use it to make fraudulent purchases and earn commission from each sale. They also serve as repositories of illegally obtained credit card numbers, CVV2 codes and full card information (known as Fullz) that can be used to commit various types of fraud against banks and their customers.

No one knows for certain if any of the credit cards hacked from Briansclub remain valid, but according to an analysis conducted by security intelligence firm Flashpoint it’s estimated the site had close to $414 million worth of stolen card info for sale as of this writing, not including cards with future expiration dates that fraudsters might try reissuing them for profit.

Briansclub cm is dedicated to remaining transparent with its clients and providing enhanced security measures while also offering top-of-the-line products and services. They recognize that strong customer relationships are vital for success during times of crises. briansclub cm should serve as a reminder to users that regardless of how strong their cybersecurity measures may seem, cyber criminals still find ways to bypass them. Therefore, people should regularly change their passwords and enable two-factor authentication if applicable; additionally they should monitor their credit reports regularly for suspicious activity and report it promptly.

 

Related Articles

Leave a Reply

Back to top button