This week, Joker's Stash, a major carding resource, published data on 30,000,000 bank cards owned by Americans and about 1,000,000 cards owned by people from other countries. Gemini Advisory Experts reportthat this dump, entitled BIGBADABOOM-III, is directly related to the compromise of the American Wawa chain of stores.
Wawa reported hacking back in December 2019. Then the company recognizedthat was subjected to a cyber attack, during which hackers introduced the malware into the PoS systems of its stores. Attackers remained in the system from March to December 2019, collecting and stealing data from customers who used credit or debit cards to pay for purchases in stores and gas stations. According to Wawa, the hacking affected all 860 stores of the company, of which 600 were combined with gas stations.
Apparently, a long infection period, along with the compromise of hundreds of different stores, allowed the criminal group responsible for the hack to collect a huge amount of data. Gemini Advisory analysts write that the Wawa hack may turn out to be one of the largest attacks of this kind not only in 2019, but throughout the entire history of observations. Researchers compare the leak with an attack on Home Depot in 2014, which resulted in the theft of data from 50 million customers, and with the hacking of Target in 2013, in which 40 million users leaked map data.
After a report published by Gemini Advisory, Wawa representatives rushed to release Press release, in which the company confirmed that the card data of its users are indeed already sold on the network. In fact, the company indirectly confirmed that the dump published on Joker's Stash is the data of its customers.
Also, the chain of stores said that it was only about information about payment cards, and PIN codes for debit cards, CVV2 numbers for credit cards and other personal information of users were not affected. Journalists of the publication Zdnet They note that according to the dump sample they received, this is not true, and CVV2 numbers still fell into the hands of hackers.
Currently, cybercriminals sell information on cards issued in the United States at an average of $ 17 per card, while information about foreign cards is much more expensive – an average of $ 210 per card.