Nearly 1.3 million debit and credit card data of Indian banking customers that can fetch up to $130 million are up for sale, according to reports. Each card is priced at $100 on the dark web. For the uninitiated, dark web refers to encrypted online content that does not appear through regular internet browsing activities. Joker’s Stash, a dark web destination, has reportedly added these details to its inventory.
But how? According to reports, the card details may have been obtained via skimming devices, installed either on ATMs or point of sale (PoS) systems. These data can now be used to clone cards and withdraw money from ATMs.
In February, card details for 2.15 million Americans were put up for sale on Joker’s Stash. In August, nearly 5.3 million card details obtained from gas and convenience chain Hy-Vee customers were also dumped on Joker’s Stash.
This is not the first time that a massive data breach through the Indian banking system has surfaced. In 2016, 3.2 million debit cards belonging to Yes Bank, ICICI Bank, SBI and others got compromised.