Joker’s Stash, one of the most notorious web forums for stolen credit card data, has claimed a new scalp.
Sellers on the site this week claimed to be offering 3 million payment card numbers used at Dickey’s Barbecue Pit, a U.S. restaurant chain, researchers at intelligence firm Gemini Advisory said Thursday. More than 100 of the barbecue joint’s locations were affected by the breach, and the data is being sold for a median price of $17 per card, according to the research.
The data from Dickey’s Barbecue Pit customers appears to have been compromised between July 2019 and August 2020, according to Gemini Advisory. Numerous restaurant and hospitality chains have been hit by scammers in recent years because of the personal financial data they collect.
“Given the widespread nature of the breach, the exposure may be linked to a breach of the single central processor, which was leveraged by over a quarter of all Dickey’s locations,” Gemini said in a blog post.
“We received a report indicating that a payment card security incident may have occurred,” Dickey’s Barbecue Pit said in a statement. “We are taking this incident very seriously and immediately initiated our response protocol and an investigation is underway. We are currently focused on determining the locations affected and time frames involved.”
The incident underscores how scammers target chokepoints for sensitive data, and then turn to illicit markets like the Joker’s Stash to try to sell it off. The site only is the latest in a generation of black market communities where users from around the world promise access to goods ranging from narcotics, hacking tools and child pornography. Such markets consistently have attracted attention from international law enforcement, only for competitors to fill gaps that emerge after police takedowns.
“Joker’s Stash remains one of the most active, persistent, and affluent cybercriminals of our time,” Gemini Advisory CEO Andrei Barysevich said in an email. “In the past year alone, we estimate that this actor’s operations earned Joker and their accomplices close to half a billion dollars.”
Barysevich said the forum has “one of the most respected brands” on the internet’s underbelly. Branding and reputation matter heavily in the digital underground, where scammers rely on word-of-mouth to determine which vendors are trustworthy.
Joker’s Stash is a case study in how criminals have in recent years expanded the types of data they steal and try to commoditize. Having established a reputation as a go-to place for selling card data, Joker’s Stash denizens have gone further to advertise a range of personal information, such as Social Security numbers.
This isn’t the first major security incident that Dickey’sBarbecue Pit has had to face. The restaurant chain was hit by a CryptoLocker ransomware attack in 2015. The company rebuilt some of its networks instead of paying a $6,000 ransom, according to D Magazine.