Highlights

  • 31 million user records can be bifurcated as 30 million US records from over 40 states and over 1 million non-US records gathered from over 100 different countries.
  • Hackers sold US-issued card details for $17 per card, and the price for international cards was raised to $120 per card.

It is shocking to learn that a huge database containing card details of more than 30 million customers is up on Joker’s Stash, the infamous dark web forum for sale.

Let’s know what happened next

Researchers have linked back the data dump to the Wawa Inc. breach that occurred in December 2020.

As per the fraud intelligence company, Gemini Advisory, credit card, and debit card information from Wawa Inc. customers, the food and gasoline chain is up for sale online.

The breach is known to be one of the largest card breaches of not just 2019 but of all time as the ramification adversely affected over 850 stores and more than 30 million debit and credit card user details.

The news of card details on sale on the dark web follows Wawa’s statement in December about its payment processor being compromised.

More to this

The Gemini Advisory co-founder Andrei Barysevich said in an email, “Data of nearly 1 million cards was up on Joker’s Stash on Monday, January 27, 2020. It is also estimated that Joker Stash will release more of these details in batches over a period of 12 to 18 months.”

Wawa Inc., in a statement released on Tuesday (January 28, 2020), said that it was “aware of reports of criminal attempts to sell come customer payment card information.” The company added that it had given a heads up to its payment card processor, payment card brands, and card issuers to intensify fraud monitoring to safeguard customers. The company also has offered free of cost credit monitoring and identity theft protection to its customers.

Some backdated information about the attack

Cyber threat actors crept into Wawa payment processors from March to December 2019, when the company found about the same and stopped it, said CEO Chris Gheysens.

He mentioned that “potentially all” Wawa locations were affected—a finding that aligns with Gemini Advisory’s preliminary analysis. “We also remain confident that only payment card information was involved, and that no debit card PINs, credit card CVV2 numbers, or other personal information were involved.”

WAWA’s take on the issue

Wawa acknowledges the fact that card data is now on the dark web for sale. However, the company does not commit or associate itself with the Gemini Advisory report.