4 million credit cards used in restaurants for sale in hacking forums

A hacker group has released a new database of stolen payment cards on Joker’s Stash, a popular hacking forum. According to web application security specialists who analyzed the new publication, this time the stolen information appears to be related to the hacking on four major restaurant chains in the US.

This new batch appeared on the hacking forum over the past week, displaying information from the food chains Krystal, Moe’s Southwest Grill, McAlister’s Deli and Schlotzsky’s, mention the specialists from, security firm Gemini Advisory.

In the last three chains, the security incident would have occurred last August, impacting multiple branches across the US. In total, 1,500 branches could have been affected by the data breach. Krystal’s case is a little different, as data theft would have occurred between July and September this year. More than 350 branches of this chain would have been potentially affected.

Gemini’s web application security experts mention that of the more than 1700 restaurants belonging to these chains, about 50% would have became victim of the data breach. In other words, it is estimated that at least 4 million customers and their respective payment cards were compromised. The largest concentration of affected branches is found in the states of North Carolina, South Carolina, Florida and Georgia, specialists mention.

Months passed for hackers to reveal the stolen information at Joker’s Stash; According to experts, this is a strategic measure to not overwhelm the platform with too many offers, reducing the profit margin for threat actors. Another possible reason the hackers would have waited until November to run the ad on Joker’s Stash is due to the start of the holiday shopping season, which will kick off with the popular Black Friday.

According to web application security experts, Joker’s Stash remains one of the most active illegal platforms, specializing in the sale of stolen bank details. A few weeks ago an ad was posted on the platform on a database with more than 1.2 million payment card records stolen from multiple banks, mainly in India.

One of the sectors that has suffered the most from these incidents recently is the hospitality industry, as the threat actors have found that, most of the time, the staff working in these companies do not have the required knowledge to detect and address a computer security threat.

Recently, web application security specialists from the International Institute of Cyber Security (IICS) reported the detection of a massive phishing campaign targeting hotel chains and online travel agencies. Using email with attachments, hackers deliver malware to target computers, download and execute malware, and eventually access these companies’ networks to extract payment card data from customers.