This week, MasterCard and Visa felt the fury of WikiLeak supporters. The card companies’ decision to deny donations to WikiLeaks provoked a hack-a-thon. Resulting in the companies’ websites being taken down and a possible leak of consumer credit card numbers.
The recent leak of credit card numbers was reported to be fake, but the reality is web criminals are breaching retailers, financial institutions and insurance companies every year. They steal your credit card info and sell it in bulk, online, to the highest bidder.
As consumers, we can rest easy because of fraudulent charge protection offered by our card companies. Yet it can still be helpful to know how this black market works so you can understand why you may be left monitoring your credit for a year if affected.
Understanding the Black Market
The cyber black market is a digital market where card details are sold for as much as a few cents. Usually sold in bulk, hackers are not shy in harvesting hundreds of thousands of users data. While credit card numbers are more common, stealing debit card data is quickly gaining popularity. Researchers for software security company Symantec, found that while credit card numbers may go for pennies, bank account numbers can sell for as much as $1,000.
A website called stopthehacker.com recently analyzed the black market and was able to find examples of how this information is present online. Through simple online web portals, you can find credit card data on anything from basic accounts to PayPal. These sites are designed to avoid being indexed by large search engines such as Google and therefore makes it hard to find.
Let’s take a look at a few examples, originally posted by stopthehacker.com:
Basic Credit Card Information Offers:
Usually consists of credit card number, type, expiration date and CVV.
PayPal Information Offers:
Where Your Data is Being Stolen
In August of 2008, Albert Gonzalez, was accused of one of the largest known identity theft cases in U.S. history. Gonzalez, 28, stole millions of credit card and debit card numbers from major U.S. retail chains. Among the retailers hacked were TJX Companies (owner of T.J.Maxx), BJ’s Wholesale Club, OfficeMax, Boston Market, Barnes & Noble, Sports Authority, Forever21, and DSW.
Just this past June, health insurance giant, WellPoint, was forced to offer free credit monitoring to over 470,000 customers after their information was stolen from the site. WellPoint was notified by one of their customers who could see confidential information of other customers after the company made a major site update. Though the fix was completed in less than 12 hours, the damage was done and customers whose accounts were set up between October 2009 and March 2010 were exposed.
Protecting Your Money & Identity
There have been many efforts to increase security and prevent future hacks, but the reality is these attacks and leaks continue to happen. When cases such as WellPoint or TJX occur, it can be difficult for credit card companies to know what was stolen. They often find out after consumers begin to report odd activity. Although your credit issuer will cover fraudulent charges, there are other negative consequences that can come of these information leaks. This is why it is important to always keep an eye on your monthly statement to catch strange activity right away.