More than 30 MILLION Wawa credit and stolen credit card records are sold on the dark web.
More than 30 MILLION stolen debit and credit card records from the Wawa convenience store are sold on the dark web in what researchers call one of the greatest infractions of all time
- A violation of the Wawa convenience store leaked millions of financial records online
- Researchers say a treasure of 30 million records has been found on the dark web
- Experts claim that rape is one of the largest ever recorded
- ZDNet reports that CVV numbers were included in the data despite Wawa’s claims
Stolen credit and debit card information in a major violation of a US convenience store. UU. Now it has appeared on the dark web where they are sold in a black market.
According to the cybersecurity firm Gemini Advisory, stolen data is sold in a black market called Joker’s Stash and includes more than 30 million debit and credit records from hundreds of stores in the United States.
“Since the violation may have affected more than 850 stores and potentially exposed 30 million sets of payment records, it is among the biggest payment card violations of 2019 and of all time,” the researchers write.
The photo is a screen cover of a site called ‘Joker’s Stash’ where stolen data is sold on the dark web.
The database covers more than 1 million different victims and in 40 US states. UU. Most of those involved come from Florida, New Jersey and Pennsylvania.
The original reports at the time the violation was discovered in December suggested that ‘thousands’ of customers were affected.
While Wawa has claimed that the violation did not compromise customers who only used an ATM and did not filter PIN or CVV numbers, ZDNet reports that some CVV numbers have appeared in the stolen information cache.
However, the company denied that CVV numbers were compromised in a statement to ZDNet.
“… only the payment card information was involved, and there were no debit card PIN numbers, CVV2 credit card numbers or other personal information,” the company told ZDNet.
As a result of the apparent attempt to find stolen data, Wawa said it will notify its payment processors and card companies for any suspicious activity.
“We have alerted our payment card processor, payment card brands and card issuers to increase fraud monitoring activities to help further protect customer information,” the company said in a statement this week.
“We continue to work closely with the federal police in connection with their ongoing investigation to determine the extent of disclosure of payment card data from specific Wawa customers.”
Wawa is being sued for the rape late last year and has been working with federal police to discover the extent of the attack.
In December 2019, the Pennsylvania-based company announced that its information security team discovered malware on its payment processing servers and on December 10 and managed to stop the violation on December 12.
Since then, Wawa has faced multiple demands. As of December, at least six lawsuits seeking class action lawsuits were filed in federal court in Philadelphia.