Login

Register

Login

Register


More than 30 MILLION debit and credit card records stolen from hack on convenience store Wawa are being sold on the dark web in what researchers call one of the biggest breaches of all time

  • A breach of convenience store Wawa leaked millions of financial records online
  • Researchers say a trove of 30 million records has been found on the dark web 
  • Experts claim the breach is among the biggest ever recorded
  • ZDNet reports CVV numbers were included in the data despite Wawa’s claims 

Credit and debit card information stolen in a major breach of a US convenience store have now surfaced on the dark web where they’re being sold on a black market.

According to the cyber security firm Gemini Advisory, the stolen data is being sold on a black marketplace called Joker’s Stash and includes more than 30 million debit and credit records hoovered from hundreds of stores in the US.

‘Since the breach may have affected over 850 stores and potentially exposed 30 million sets of payment records, it ranks among the largest payment card breaches of 2019, and of all time,’ write researchers.

Pictured is a screen cap from a site called ‘Joker’s Stash’ where the stolen data is being sold on the dark web

The database encompasses more than 1 million different victims and across 40 US states with most of those implicated coming from Florida, New Jersey, and Pennsylvania. 

Original reports at the time the breach was uncovered in December suggested that ‘thousands’ of customers were affected. 

While Wawa has claimed that the breach did not compromise customers who only used an ATM and didn’t leak PIN or CVV numbers, ZDNet reports that some CVV numbers have shown up in the cache of stolen information.

The company denied that CVV numbers were ever compromised in a statement to ZDNet, however.

‘… only payment card information was involved, and that no debit card PIN numbers, credit card CVV2 numbers or other personal information were involved,’ the company told ZDNet.

As a result of the apparent attempt to hawk stolen data, Wawa said it will put its payment processors and card companies on notice for any suspicious activity.

‘We have alerted our payment card processor, payment card brands, and card issuers to heighten fraud monitoring activities to help further protect any customer information,’ the company said in a statement this week.

‘We continue to work closely with federal law enforcement in connection with their ongoing investigation to determine the scope of the disclosure of Wawa-specific customer payment card data.’

Wawa is being sued for the breach late last year and has been working with federal law enforcement to uncover the extent of the hack

Wawa is being sued for the breach late last year and has been working with federal law enforcement to uncover the extent of the hack

In December of 2019, the Pennsylvania-based company announced that its information security team discovered malware on its payment processing servers and on December 10 and managed to stop the breach on December 12. 

Since then, Wawa has faced multiple lawsuits. As of December, at least six lawsuits seeking class-action status were filed in federal court in Philadelphia.



Source link
——————————————————————————————————

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


NATIONAL CYBER SECURITY RADIO
[spreaker type=player resource="show_id=4560538" width="100%" height="550px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]
HACKER FOR HIRE MURDERS
 [spreaker type=player resource="show_id=4569966" width="100%" height="350px" theme="light" playlist="show" playlist-continuous="true" autoplay="false" live-autoplay="false" chapters-image="true" episode-image-position="left" hide-logo="false" hide-likes="false" hide-comments="false" hide-sharing="false" hide-download="true"]

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW