The company resells stolen credit cards and then earns revenue on each sale. However, it is not clear how it divides the revenue. KrebsOnSecurity contacted the website and requested a response. When they did, they received a message that informed operators that the website shares all of the data with card-issuing banks.
Site’s data center has been hacked
You may have recently learned that your site’s data center was hacked. Although you may not have lost all of your data, it is best to take extra precautions. If your data center isn’t secure, your customers’ personal information is at risk. A ransomware attack can change data permanently, and a breach in security can lead to serious consequences.
It resells cards stolen by cybercriminals
BriansClub is a website that dumps data from credit card transactions. The site sells stolen cards to affiliates and earns a percentage of the revenue. However, it is unclear how this revenue is shared. KrebsOnSecurity requested a comment from the site. The response revealed that the company had received the entire database of stolen card data and verified that the information was legitimate.
The database compiled by briansclub.cm lists nearly eight million credit card records that were stolen from brick-and-mortar stores. Researchers found that the credit card records were redacted but still available on the BriansClub website. The site requires an active account to access the data. The database includes information on the amount of card information that has been sold. This means that there are millions of credit cards on offer at the site.
BriansClub’s inventory of stolen cards is growing at a rapid rate. Between 2015 and 2018, the website added more than nine million new card records. The data on the site is used to make fraudulent purchases. As a result, cybercriminals are making money by breaking the payment card system.
According to Krebs, the stolen card records have a value of $500 each. According to Krebs, that means that the average loss for a victim using a stolen card is about $414,000. The stolen card data can be gathered through a hacked point-of-sale system, a card processor breach, skimming, or a lost or stolen credit card.
BriansClub is not the only website selling credit card data. Its owners have been hacked. Cybercriminals have used this site to sell stolen cards for several years. This website is one of the oldest Russian cybercrime forums. It resells card data submitted by other hackers.
The website also resells cards stolen by cybercriminal networks. The site also has a forum dedicated to this activity. Users can post questions on the forum about the website and its activities.
It has 1.7 million records for sale
BriansClub is an underground market where hackers sell stolen credit and debit card records. This database is the result of a hack into a retail database. It is estimated that each record is worth $500, the average loss to a victim. Since 2015, BriansClub has sold nearly 9 million records, resulting in a $414 million loss for consumers. These records were obtained in various ways, including hacked point-of-sale systems, credit card processor breaches, skimming, online order scams, and lost or stolen cards.
BriansClub is known to have hacked both brick-and-mortar stores and online retailers. In 2015, 1.7 million credit card records were uploaded to the site. In 2016, 2.9 million records were uploaded, and 4.9 million were added in 2017. By August 2019, a staggering 9.2 million records had been sold on BriansClub. Throughout this period, the website made $126 million in Bitcoin.
BriansClub is known to resell the stolen cards to affiliates. It makes a percentage from each sale, but the exact share of revenue remains unknown. In response to KrebsOnSecurity’s request for comment, the site’s operators wrote a message informing owners that their sites had been compromised and that all credit card data would be shared with the card issuing banks.
It has a full refund for cards that do not work or are rendered invalid
The site has a policy of providing a full refund if the card does not work or is rendered invalid. However, this does not apply to cards that are not faulty. It is also possible to get a refund for any credit balance left on the account. However, if the credit balance is over $1.00, then the card issuer must issue the refund within seven business days.
BriansClub has also been hacked, according to KrebsOnSecurity. The company has identified multiple sources of stolen credit and debit card data. Many of these sources work with the financial industry, which is monitoring these cards for sale in the cybercrime underground.