Information about thousands of hacked Pakistani bank card accounts appeared on the dark web this week, researchers said, following similar incidents in late October that roiled the country’s financial system and government.
Hackers put the purloined details from 177,878 cards for sale on the dark web market Joker’s Stash around Nov. 13, according to Moscow-based cybersecurity company Group-IB, with 150,632 of those records appearing to come from Pakistani banks. An Oct. 27 breach led at least one bank, Karachi-based BankIslami, to shut down certain operations. Soon afterward, the cybersecurity organization PakCERT found thousands of Pakistani bank card records on the dark web.
The latest dump does not include cards from BankIslami, Group-IB notes in its blog post about the breach.
“The banks affected by this breach included major Pakistani financial organizations such as, Habib Bank, MCB Bank Limited, Allied Bank Limited and many others,” the post said. “Habib Bank was affected most by the breach: roughly 20% of cards (30,034) in the uploaded database was issued by this bank.”
Group-IB noted that “card dumps” like this one usually are the result of hacks involving “skimmers” wherever users swipe their cards, or through malware that infects workstations connected to point-of-sale terminals at retailers and elsewhere.
The Nov. 13 dump is significant for its size alone: Group-IB said it’s collectively worth about $19.9 million. “The sale price for these card dumps ranges from $17 to $160,” the researchers said. PakCERT had said that the initial dark web postings from earlier in November amounted to about 20,000 cards.
Pakistan’s top criminal investigation agency and its central bank did not agree about what happened in the late October incident. A top law enforcement official said multiple banks were affected by the breach, but the central bank, as well as Pakistan’s banking association, said only one unnamed bank was breached.
One expert who spoke to the English-language newspaper Dawn said the hack appeared to be “very sophisticated,” though he reiterated the banking industry’s stance that only one firm was affected. Pakistan lacks a nationwide cybersecurity watchdog with the sophistication to counter transnational cybercrime, Dawn noted.