Security News > 2020 > June > COVID-19 ‘Breach Bubble’ Waiting to Pop?

Global lockdowns from COVID-19 have resulted in far fewer fraudsters willing or able to visit retail stores to use their counterfeit cards, and the decreased demand has severely depressed prices in the underground for purloined card data.

Gemini's latest find - a 10-month-long card breach at dozens of Chicken Express locations throughout Texas and other southern states that the fast-food chain first publicly acknowledged today after being contacted by this author - saw an estimated 165,000 cards stolen from eatery locations recently go on sale at one of the dark web's largest cybercrime bazaars.

Barratt said there's another curious COVID-19 dynamic going on with e-commerce fraud recently that is making it more difficult for banks and card issuers to trace patterns in stolen card-not-present data back to hacked web merchants - particularly smaller e-commerce shops.

"These intruders may have a beachhead in a number of small and/or middle market e-commerce entities and they're just waiting for the transaction volumes to go back up again and they've suddenly got the capability to have skimmers capturing lots of card data in the event of a sudden uptick in consumer spending," he said.

With a majority of payment cards issued in the United States now equipped with a chip that makes the cards difficult and expensive for thieves to clone, cybercriminals have continued to focus on hacking smaller merchants that have not yet installed chip card readers and are still swiping the cards' magnetic stripe at the register.

News URL

https://krebsonsecurity.com/2020/06/covid-19-breach-bubble-waiting-to-pop/