Skimming heist that hit convenience chain may have compromised 30 million cards

by
Dan Goodin
from Ars Technica - All content on (#4YM1Z)
payment-cards.jpg

Enlarge (credit: Mighty Travels / Flickr)

Data from as many as 30 million credit cards stolen in a recently discovered breach of an East Coast convenience store and gas station is going up for sale on one of the Dark Web's most frequented marketplaces for buying such data, researchers said.

The Wawa chain of convenience stores said in December that it had discovered card-skimming malware on point-of-sale machines at just about all of its 850 stores. The infection began rolling out to the store's payment-processing system on March 4 and wasn't discovered until December 10. It took two more days for the malware to be fully contained. The malware collected payment-card numbers, expiration dates, and cardholder names.

On Monday night, dark Web site Joker's Stash began uploading stolen data for what it claimed were 30 million payment cards, researchers from fraud intelligence service Gemini Advisory reported in a blog post. Joker's Stash is one of the biggest dark Web marketplaces for buying stolen payment-card data. The anonymous site has named the lasted haul "BIGBADABOOM-III." While the site didn't identify the Wawa hack as the source of the data, Gemini researchers said they were able to determine that was the case.

Read 5 remaining paragraphs | Comments

index?i=jZqdtB9XqXM:Jvl1VpHC8Aw:V_sGLiPB index?i=jZqdtB9XqXM:Jvl1VpHC8Aw:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments