Illegal marketplace allegedly releases 1 million credit cards on a deep web forum

According to Forbes, the move was reported by Andrea Draghetti, the head of intelligence at D3Lab, on 21 February 2025, underlining that the collection of sensitive data including over 1 million unique credit and debit cards was released to the criminal forum on 19 February 2025. Additionally, it was stated that the collection contained six archives covering a total of 1,018,014 cards. Among the sensitive details were the account number of the credit cards involved, as well as the expiration date and the card verification value (CVV). Besides these, the collection included cardholder information ranging from full name and address to date of birth, telephone number, and email address. By having this information, bad actors could commit credit card fraud or start a phishing attack against the cardholder.

How was the data stolen?

As detailed by the same source, the investigation points to the data being stolen by leveraging skimming techniques, which involves adding malicious JavaScript code into compromised ecommerce payment pages and then intercepting sensitive data entered by users in real-time. Organised by type, the stolen cards were also indexed considering the issuing bank and country of origin. The collection also included magnetic stripe data, which could enable criminals to design physical card copies.

Furthermore, the free leak is considered a marketing tactic developed to scale engagement on the platform by providing stolen data in mass. This recent move comes after previous multi-mullion card leaks conducted by B1ack’s Stash, which underlines its status as a rising threat in the financial fraud ecosystem.

What should financial institutions and end-users do now?