Joker’s Stash, a notorious online marketplace, claimed it had data from 30 million cards of WaWa customers, according to the fraud intelligence company Gemini Advisory.
The unauthorized of million cards including both credit and debit was advertise under title BIGBADABOOM-III: however, according to experts, the card data were traced back to Wawa, a US East Coast convenience store chain.
Joker Stash displayed around 1 lakh card on Monday, it’s likely to release an additional card within 12-18 months, Gemini Advisory co-founder Andrei Barysevich said in an email.
WaWa admitted that to being hacked back in December 2019. The hackers planted malware on its point-of-sale systems. Wawa said the malware collected card details for all customers who used credit or debit cards to buy goods at their convenience stores and gas station. Malware ran on WaWa systems from March until December, when the company founded and stopped it, CEO Chris Gheysens wrote in a letter at the time.
The company also said, “We also remain confident that only payment card information was involved, and that no debit card PINs, credit card CVV2 numbers or other personal information were involved.”
Wawa Card dump is one of the biggest card breaches to date. “Since the breach may have affected over 850 stores and potentially exposed 30 million sets of payment records, it ranks among the largest payment card breaches of 2019, and of all time,” Gemini Advisory said today when describing the breadth of the Wawa breach.
Currently, Joker’s Stash team is trading the cards at $17 and for international cards are more expensive priced at $210 per card.