Security News > 2020 > January > Wawa Breach: Hackers Put 30 Million Stolen Payment Card Details for Sale

That's because hackers have finally put up payment card details of more than 30 million Wawa breach victims on sale at Joker's Stash, one of the largest dark web marketplaces where cybercriminals buy and sell stolen payment card data.
Now it turns out that the Wawa breach marked itself in the list of largest credit card breaches ever happened in the history of the United States, potentially exposing 30 million sets of payment records.
According to threat intelligence firm Gemini Advisory, on 27th January 2020, hackers started uploading stolen payment card data from Wawa at Joker's Stash marketplace, titled as 'BIGBADABOOM-III,' which reportedly includes card numbers, expiration dates, and cardholder names.
In the latest statement released yesterday, Wawa confirmed that the company is aware of reports of criminal attempts to sell customers' payment card data and to help further protect its customers, the company has 'alerted payment card processors, payment card brands and card issuers to heighten fraud monitoring activities.
"We continue to encourage our customers to remain vigilant in reviewing charges on their payment card statements and to promptly report any unauthorized use to the bank or financial institution that issued their payment card by calling the number on the back of the card," Wawa said.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/Go_X6UFbldo/wawa-credit-card-breach.html
Related news
- Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign (source)
- Hackers lurked in Treasury OCC’s systems since June 2023 breach (source)
- Lazarus hackers breach six companies in watering hole attacks (source)
- Commvault Confirms Hackers Exploited CVE-2025-3928 as Zero-Day in Azure Breach (source)
- Luna Moth extortion hackers pose as IT help desks to breach US firms (source)
- Russian hackers breach orgs to track aid routes to Ukraine (source)
- Chinese hackers breach US local governments using Cityworks zero-day (source)
- Ivanti EPMM flaw exploited by Chinese hackers to breach govt agencies (source)
- Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages (source)