Millions of Bank Cards Leaked on the Darknet, But Only 10% Are Genuine

Over the past month, data from 50 million bank customers has been leaked and made publicly available on the darknet. While this number sounds alarming, there’s an important detail: 90% of the “stolen” cards are actually computer-generated and meaningless.

Sergey Trukhachev, head of special services at Infosecurity, a Softline Company, explained this “numbers game” to Anti-Malware.ru. “In the last 30 days, more than 50 million bank card records have been added to darknet databases,” he said. “It sounds impressive, but there’s a catch: about 90% of these leaks are just generated cards, which means they’re essentially useless junk.”

This deception was uncovered during a data check by the provider itself: many card numbers are repeated, but with different CVV codes and expiration dates.

Decreasing Interest in Russian Bank Cards

Along with the fake card data, there’s a broader trend of hackers losing interest in Russian bank cards. Infosecurity experts support a statement made earlier by Sergey Golovanov from Kaspersky Lab:

“Since April 2022, Russian cards seem to be of no interest to hackers — they can’t use them to buy anything abroad. As a result, card fraud opportunities are now limited to Russia.”

Trukhachev agrees: “We’re also seeing a decrease in the number of Russian cards in public leaks. Previously, you could easily use a Russian card on almost any foreign service, but now the number of platforms has dropped sharply,” he explained. “Consequently, the number of leaks has also decreased.”

According to Infosecurity, the share of Russian card data in global leaks has dropped by at least 40%.

Other Sectors Still at Risk

At the same time, the problem of data leaks in educational services, marketplaces, and delivery services is only getting worse. Recently, part of the Yandex.Practicum database, which sells IT courses, was leaked online.