When cybercriminals fight, your data can become collateral damage. Prime example: the recent double leak of 600,000 credit card records. That includes users’ personal and banking information, like Social Security numbers and payment card records.
When large droves of information are leaked, victims are at risk of many serious issues, like identity theft and other costly cybercrimes. If you’re worried that your data has been part of a security breach, you can check using a free tool with 10 billion records. Tap or click here to check if your data has been part of a massive wave of hacks.
This particular story is more twisty than most hacks, though. It involves warring factions who used your credit card information as artillery. Here’s the full, explosive story — as well as tips for sneaking over enemy lines and snatching your secrets back.
The buzz started at Swarmshop, a black market on the web
If that name is unfamiliar, that’s probably a good thing. It’s an illicit online market where cybercriminals trade credit card and banking data stolen from breaches. If a security breach has ever hit one of your bank accounts, you could be in danger of being used as a cash cow on similar sites.
As you can imagine, identity theft often starts there. This type of sensitive data can be the perfect starting point for a persistent cybercriminal to dominate your digital life. Tap or click here for six mistakes that put you at risk for identity theft.
Actually, though, another type of theft just occurred on Swarmshop. March 17 marked a shift in the website’s luck: Someone leaked a huge cache of the site’s user information to a public forum.
Basically, the cybercriminals got a taste of their own medicine, according to Group-IB’s report on this massive leak. Swarmshop’s shadowy users and administrators found their passwords, usernames, account balances and even contact details leaked.
You won’t believe how huge this group is: 90 data thieves sold stolen banking information to 12,250 buyers.
This new leak means it’s a lot easier for anyone to get their hands on your banking info
At first glance, it may seem like justice was served. After all, the data thieves got a taste of their own medicine once their privacy was leaked.
That’s not the case, though. When hackers leaked Swarmshop’s user data, they also shared all the sensitive information they’d been trading. In other words, they spread over half a million people’s private banking information from just one website to the entire open web.
- 623,036 payment card records
- 498 sets of online banking account credentials
- 69,592 sets of U.S. Social Security numbers and Canadian Social Insurance numbers
If you were one of the so-called “cash cows” Swarmshop criminals were banking on, your Social Security number and credit card information is now exposed to the public. That data might also include your username and password for financial accounts.
If you’re from the U.S., watch out: 63% of these records came from American banks. Group-IB made this handy chart to show which countries are most at risk:
So, what does this mean for you? If your information was already on Swarmshop, now any average Joe could look up your banking information. Once they find your Social Security number, you’re at the mercy of a complete stranger.
Anyone can now break into your private financial accounts and funnel your hard-earned cash into their own accounts. Even worse, they could even steal your identity, committing crimes in your name and potentially sending you straight to prison.
Are you being milked for your financial data? Here’s how to tell if you’re involved
First, head to a free tool that checks whether your information has been sold on the Dark Web. HaveIBeenPwned has 10 billion records of stolen data, so it should be your first stop whenever you hear of a data breach. Tap or click here to find out how to use the site. If you’re a part of this leak, it’s time to secure your SSN.
If this critical number is exposed, you’re at risk of intense financial harm. Here’s how to protect yourself:
- Contact the Federal Trade Commission at www.identitytheft.gov to report potential identity theft.
- Protect your credit record by filing a fraud alert through one of the three credit bureaus: Equifax: 1-866-349-5191, Experian: 1-888-397-3742 or TransUnion: 1-800-680-7289.
- Freeze your credit to stop criminals from opening new accounts in your name. Tap or click here for a step-by-step guide on setting up a credit freeze.
If you think you’re in danger, your top priority should be to protect your cards and bank accounts. Call your financial institution or card issuer ASAP and inform them that your card was included in a data leak. Now, the bank will keep a close eye on your account for fraud.
Don’t relax just yet, though. You should also flag suspicious transactions to your bank and card issuers. Plus, don’t forget to set up security features like two-factor authentication to protect your online banking accounts. Tap or click here to set up 2FA for your banks.
Also, ask your bank for a new card so you can shut down your current one. That way, cybercriminals can’t break into your old account. Act now to protect yourself — every second you waste gives hackers more time to attack.