Out of the 60,000,000 credit cards amount, 90% of them were chip-enabled. The majority of the compromised cards were stolen by infected point-of-sale terminals. The findings come from a Gemini Advisory report, which argues a lack of chip compliance in merchants for the rise.
The proprietary Gemini Advisory telemetry data, collected from various dark-web sources over several years, determined that in the past 12 months at least 60 million US cards were compromised. Out of those, 75%, representing 45.8 million, were CP records, likely compromised through card-sniffing and point-of-sale (POS) breaches of businesses, such as Saks, Lord & Taylor, Jason’s Deli, Cheddar’s Scratch Kitchen, Forever 21, and Whole Foods. Moreover, 90%, meaning 41.6 million of those records, were EMV chip-enabled.
The shift in Card-Not-Present (CNP) fraud is growing, taking into account a 14% increase in payment cards compromised through ecommerce breaches. Payment card data that was stolen from Orbitz, Ticketmaster, City of Goodyear, and British Airways represented only a small part of the 14.2 million CNP records posted for sale in the past 12 months.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now