29 October 2019

Biggest single card database ever on sale on dark net marketplace

Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has detected that a huge database holding more than 1.3 million credit and debit card records of mostly Indian banks’ customers was uploaded to Joker’s Stash on October 28. The underground market value of the database is estimated at more than $130 million.

The database under the name “INDIA-MIX-NEW-01” (full name: “ INDIA-MIX-NEW-01 (fresh skimmeD INDIA base): INDIA MIX TR1+TR2/TR2, HIGH VALID 90-95%, uploaded 2019-10-28 (NON-REFUNDABLE BASE”) has been on sale on one of the most notorious underground card shops, Joker’s Stash, since October 28, 2019. The database contains only credit and debit card dumps Track 2, while its name suggests that it holds both Track 1 and Track 2 records. Track 2 dumps can be used to produce cloned cards for further cashing out.

Group-IB’s Threat Intelligence team has analyzed all the card dumps from the database and discovered that more than 98% of them belong to Indian banks, 1% – to Colombian banks. More than 18% of the dumps in the database are related to a single Indian bank. The full database has more than 1.3 million records in total. It is one of the biggest single databases ever uploaded at once on underground markets and probably one of the most expensive ones. Every single dump in the set is valued at $100 which makes the total value of the database at least $130 million.

It is true that big payment data leaks have happened before; however, the databases are usually uploaded in several smaller parts and at different times. This is indeed the biggest card database encapsulated in a single file ever uploaded on underground markets at once. What is interesting about this particular case is that the dаtabase that went on sale hadn’t been promoted prior either in the news, on card shop or even on forums on the dark net. The cards from this region are very rare on underground markets, in the past 12 months it is the only big sale of card dumps related to Indian banks. Group-IB’s Threat Intelligence customers have already been notified about the sale of this database. The information was also shared with proper authorities.

Ilya Sachkov

Ilya Sachkov

CEO and founder at Group-IB

Group-IB is one of the leading providers of solutions aimed at detection and prevention of cyberattacks, online fraud, and IP protection. Group-IB Threat Intelligence & Attribution system was named one of the best in class by Gartner, Forrester, and IDC.

Group-IB’s technological leadership is built on the company’s 17 years of experience in cybercrime investigations worldwide and 65,000 hours of incident response accumulated in our leading forensic laboratory and 24/7 CERT-GIB.

Group-IB is a partner of INTERPOL, Europol, and a cybersecurity solutions provider, recommended by SWIFT and OSCE. Group-IB is a member of the World Economic Forum.

Report an incident

24/7 Incident Response Assistance +65 3159-4398

Thank you for the inquiry! We will contact you soon.

We use cookies on the website to make your browser experience more personal, convenient and secure. You may block or manage the use of cookies, however, in some cases they’re essential to make this site work properly. Learn more about cookies in Group-IB Privacy And Cookies Policy.

Report an incident