[BreachExchange] Major Carding Forum BriansClub Suffers Data Breach

Destry Winant destry at riskbasedsecurity.com
Wed Oct 16 10:03:58 EDT 2019


https://www.infosecurity-magazine.com/news/major-carding-forum-briansclub/

One of the web’s largest marketplaces for stolen card data has been
hacked, leading to the theft the second time over of more than 26
million cards.

A source shared the news with security researcher Brian Krebs, whose
name and likeness have been used for years by the administrators of
the online BriansClub store.

It is claimed that the trove includes credit and debit card details
stolen from bricks-and-mortar retailers from the past four years,
including eight million uploaded so far in 2019.

The binary data could allow hackers to create fake magstripe cards
with which to fraudulently purchase goods in stores. Although the
roll-out of EMV is intended to put an end to this practice, there are
still enough merchants and cardholders using the legacy cards to make
such forums a going concern.

In fact, Krebs calculated that with cardholder losses estimated at
$500 per card, BriansClub could have generated as much as $4 billion
in losses from the roughly nine million cards it has sold to
fraudsters since 2015.

Tim Mackey, principal security strategist at Synopsys, argued that
whether you’re running a global enterprise, a small business or an
underground carding forum, there are several shared cybersecurity
truths.

“First, the attackers define the rules of the attack and the best you
can do is defend against their actions. Second, the only data ever
taken is data available for the taking. When designing your data
collection and storage procedures, it’s critical to look at all data
operations through the lens of what would happen if there was
absolutely nothing preventing your biggest competitor or worst enemy
from downloading that data,” he explained.

“Is all the data appropriately encrypted? Are all access attempts
audited? Is modification controlled? For these questions, and many
more, the next question becomes one of “how,” and it’s how you
approach these questions and their answers which distinguishes a
successful cybersecurity initiative from one likely to make the news
for the wrong reasons."


More information about the BreachExchange mailing list