Over $3.5 Million Worth Data Leaked [Another Huge Data Breach for Pakistani Banks] 2019
- Around 69% of the card details belong to Meezan Bank Alone.
- Around 69,189 Pakistani Bank Cards are Available for Sell in Dark Web.
- 96% of Cards are Unauthorized Digital Copies of the Payment Cards.
One of the biggest data breach after Bank Islamic, is the data leaked on dark web of around 69,189 bank card details which have been leaked to the internet.
According to Group-IB, the total cost of these card details worth around $3.5 Million Dollars.
Group-IB, which is an international company that specializes in preventing the cyber attacks, has recently discovered a new database on the internet [Dark Web] with a total of 69,189 Pakistani bank cards, which are now available for sell on dark web.
This data breach is the second biggest sale of Pakistani Bank Cars in the past 6 months, this indicates that the activity of advanced financially motivated threats actors in the region.
Around 96% of all these cards are dumps, unauthorized digital copies of the information which contains in the magnetic stripe of a payment card, were related to a single bank – Meezan Bank Ltd.
However, Meezam Bank Spokesman said that in the following 6 months ago, the Bank has asked their customers to change their PIN numbers and added various other security measures.
The Full Statement is as Follows:
We are aware of this rumor going around. All our security measures are in place and we have not experienced any unusual event.
Also, we have taken the following steps to safeguard our customers:
1. Customers are forced to change their PINs on ATM machine if they haven’t changed them in 6 months.
2. All Meezan ATMs are Chip Card enabled which protects against any skimming
3. Furthermore, Meezan Bank has introduced a unique and innovative SkimGuard service that protects high value transactions through real time OTP verification on ATM machine.
As you can see, we have various steps in place to ensure the safety and security of our customers and their data. While we are unable to verify the authenticity of the rumors at this point, we can confirm that our customers, their cards and their money is safe.
Another Huge Trouble for Pakistani Banks is?
All the Pakistani bank card details are rarely sold on underground cardshops.
In fact, all of these cards came on sale with their PIN codes, with high in price of this latest card dump, which is $50 USD per card, while usually, the price of each card on dark web forums ranges from $10 t0 $40 USD.
The first set of dumps, which has titled ad <<PAKISTAN-D+P-01>>, which was available for sale on Jan, 24, 2019 and that included around 1,535 cards, 1,457 of which these cards were issued by the Meezan Bank Ltd. It is worth noting that this batch of cards was not announced on the forum.
The second database which was available for sale was on Joker’s Stash on January 30th. Titled <<PAKISTAN-D+P-02>> set, comprised of the details around 67,654 cards of Pakistani bank was significantly larger. The seller marked the set as “high valid” and, unlike the first set, advertised the database on all major underground forums such as [“Omerta”, “Crdclud”, Enclave” etc.).
The Dmitry Shestakov, Head of Group-IB cybercrime Research Unit Said:
The scale, volume, frequency and connection to one institution contributes to the theory that the leak might be involved in a larger incident, potentially an advanced actor gaining access to card systems within Pakistan.
This is just the beginning, we will be updating you with each steps being taken regarding this case. Stay Tune!