Security experts at Gemini Advisory reported that hackers stole
Wawa’s payment card data and uploaded them at the marketplace at Joker’s Stack.
According to the experts, the card data contains the details of the cardholder,
including their names, card number, and expiry dates.
Although most of those records were from US-based
cardholders and U.S banks, some of the records contain details of cardholders
from Europe, Latin America, and several Asian countries, according to Gemini
Advisory.
The security experts opined that the non-US-based cardholders were likely victims of the hack when they traveled to the U.S. and used Wawa services during their visit there. At the selling site, the hackers have put the average price of these records to $17, while the cost of the non-US-based record is higher at $210 per card.
The hackers put up the payment cards for sale on Monday , as more than 30 million
U.S-based accounts and over 1 million foreign-based accounts were hacked. Based
on this outrageous number, it is one of the largest card frauds on the
internet. Unsurprisingly, the card is offered for sale at the largest online
card fraud forum.
Barely a month ago, Wawa revealed that its network had suffered a major security breach. Then the company disclosed that the hackers installed malware at its POS systems. Wawa said that the hackers succeeded in collecting card details of customers that used debit or credit cards to buy goods at their gas station of convenience stores. Wawa revealed further that the hackers were able to infiltrate its entire 860 convenience retail stores. Out of this number, 600 of them also function as gas stations.
The company stated that the malware was operational from
March till December last year when it was detected and deleted from Wawa’s
system. During this period, the malware had been gathering vital information
about customers and their account details whenever they use their card for
purchases on Wawa’s POS terminal.
The extended 9 months infection period was enough for the
actors to gather a massive amount of information about customer cards.
Sine this breach may have affected more than 30 million
sets of payment records and over 850 stores, it stands as one of the biggest
payment card breaches of all time, said Gemini Advisory.
According to the security experts, it can be compared to
the2013 Target breach that exposed about 40million payment cards or the 2014
Home Depot’s breach which exposed 50 million customers ‘data.
Gemini Advisory made a statement regarding the breach, as it
stated that Wawa was recently aware that customers’ data are now being offered
for sale online. Wawa did not deny or contest the findings of Gemini Advisory,
as the company agreed that the cards being offered at the Joker’s Stash card
dump were from its servers.
Wawa revealed that it had alerted card issuers, payment card brands, as well as payment card processors to improve on its fraud monitoring activities, which will help to protect any customer data. The company also stated that it is still investigating the hack with law enforcement agencies. Wawa promised that it would let the public know of any development about the investigation.
Wawa also stated that the hackers were able to breach
payment card information. It further said that no CVV2 numbers, debit card pin,
or other personal identification data were involved. But a sample of one of the
Wawa card dump showed that the leaked information did contain CVV2 numbers of
the credits cards, which is contrary to Wawa’s claims.
Joker’s Stash is known for providing a portal where hackers
can offer hacked information or data for sale. However, the platform only
offers these data for sale only after the affected company has announced a
breach. Joker’s Stash always waits for the public announcement of the breach
before offering the stolen information for sale. The firm does this to
strengthen its claims as to the largest seller of compromised cards.
The sale of these card information follows a familiar pattern with other hackers. After the successful hacking attempt , the hacker sells to other criminals who use the cardholder’s information to perpetrate more crimes.
ltdcc ssn feshop domain