The dark web carding forum B1ack’s Stash has released approximately 4.6 million stolen credit card records for free. This action was reportedly taken as a disciplinary measure against sellers who violated the platform’s terms of service by reselling data on competing sites, as reported by Security Affairs.The released data, analyzed by SOCRadar, is unusually comprehensive, including full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses. Analysis suggests that e-skimming or phishing were the likely methods of data collection, given the completeness of the information. While some records were found to be expired or duplicates, an estimated 4.3 million records are considered fresh and potentially usable. The majority of the compromised cards, around 70%, are linked to the United States, with Canada, the United Kingdom, France, and Malaysia also significantly represented. This broad geographic distribution indicates the operation is not confined to a single region.B1ack’s Stash has a history of using free data releases as a marketing tactic to attract new users and gain notoriety within the cybercrime community. The immediate risks include an increase in card-not-present fraud, while the extensive personal data also facilitates more sophisticated attacks like identity theft and targeted phishing campaigns.Source: Security Affairs