AI Tools
TechSpot is about to celebrate its 25th anniversary. TechSpot means tech analysis and advice you can trust.
What just happened? There are plenty of illicit websites trading in stolen financial data, including one called BidenCash, which uses the president’s name and his image. To celebrate its first birthday, the site has published a database filled with over 2 million credit and debit card details so anyone can look them up free of charge.
BidenCash appears to be leaking the database as a way to drum up attention. Cyble researchers who first detected the leak write that it contains 2,165,700 credit and debit card details: 740,858 credit cards, 811,676 debit cards, and 293 charge cards.
In addition to the payment card numbers, the data includes names, around 497,000 email addresses from 28,000 unique email domains, phone numbers, home addresses, expiration dates (ranging from early 2023 to 2052), and CVV codes. It’s unclear how the site operators stole so many sensitive details.
The vast majority of these records – almost one million – come from the US, while Mexico, China, and the United Kingdom all have just under 100,000. The top three most impacted banks were Chase, Bank of America, and Wells Fargo.
“The presence of email addresses and full information (commonly referred to as ‘Fullz’ by cybercriminals) will make the victims of this leak vulnerable to other attacks, such as phishing, identity theft, and scams, long past the expiration of their card details,” wrote Cyble researchers.
According to D3Lab’s Head of Threat Intelligence, Andrea Draghetti, the data contained tens of thousands of duplicates, but 2,141,564 entries are unique.
This isn’t the first time BidenCash has leaked financial card data to gain publicity. It posted 1,221,551 credit card detail back in October to promote an URL it was using after the old one had been hit with a DDoS attack.
Similar illicit sites perform the same trick. BleepingComputer writes that All World Cards leaked 1,000,000 credit card details for free on various hacking forums back in August 2021.
If you’re worried about your card details being part of the leak, make sure to check your statements for unusual activity. It might also be prudent to sign up for potential-fraud alerts if your bank offers them.
In a recent cybersecurity incident, millions of personal credit and debit card details were stolen and released by the illicit marketplace, BidenCash.
The personal information was released as part of BidenCash’s birthday promotion. BidenCash is a payment system commonly used for criminal activities such as money laundering and drug trafficking.
The leaked details do not contain names and addresses associated with the cards but do include card numbers, expiry dates, and their associated CVV numbers. This information could give criminals enough information to make unauthorized online purchases from unsuspecting victims.
The FBI has been notified and is expected to launch an investigation. This is not the first security breach of the BidenCash system. In 2019, the system was breached and over a billion card details were stolen.
The breach highlights the need to be vigilant when using payment systems such as BidenCash. Even if the system is not used for any criminal activities, the risks of personal identity theft, fraud, and unauthorized access to accounts remain.
It is essential to ensure passwords and PINs are secure and changed regularly. Online purchases must be made from trusted websites with strong online security measures.
Of course, the best way to protect oneself from such incidents is not to use the BidenCash system at all. People should be aware of the risks associated with online payment systems, and if in doubt, refrain from using them.
