This is the second major upload of payment records to Indian cardholders that Group-IB has registered in recent months. The first was reported by the company last October. The underground market value of the database is estimated at more than $ 4.2 million. The source of this batch is not yet known. The Indian Computer Emergency Response Team (CERT-In) was immediately informed of the sale of the payment records.

The database reveals card numbers, expiration dates, CVV / CVC codes and some additional information such as the full name of the cardholder, as well as their emails, phone numbers and addresses, which security researchers at Group-IB have found.

Indian cyber security officials have informed the Reserve Bank of India (RBI) and all Indian banks that such data is sold on the Internet, a senior official in a cybersecurity department told the Hindustan Times. “Once the RBI and the banks have informed us of the nature of the data sold, investigations into how the information was accessed can be more targeted and specific,” a second senior official, also in a cybersecurity department, told Hindustan Times.

Previously, on October 28, 2019, the Group-IB Threat Intelligence team discovered a huge database of more than 1.3 million credit and debit card entries from mostly Indian bank customers uploaded to Joker’s Stash. Group IB experts found that the database’s underground market value was estimated at more than $ 130 million.