Carding Mafia, a forum for stealing and trading credit cards has been hacked, exposing almost 300,000 user accounts, according to data breach notification service Have I Been Pwned.
The data breach allegedly exposed the email addresses, IP addresses, usernames, and hashed passwords of 297,744 users. Have I Been Pwned announced the data breach on Tuesday, saying the breach happened last week.
On the Carding Mafia forum and its public Telegram channel, however, there was no sign that its users have been warned. Carding Mafia has more than 500,000 users, according to the forum’s own statistics. The site administrator did not immediately respond to an email asking for comment.
Troy Hunt, the founder of Have I Been Pwned, told Motherboard that he was able to confirm the hacked database is legitimate. Hunt said that he noticed in the database that there were Mailinator email addresses, a service that allows anyone to create throwaway email addresses. Hunt said that he then inserted those addresses in the forum, using the Forgot Password feature, and he saw that those emails are recognized as valid emails. Usually Mailinator email addresses are created for one purpose and are not reused; the fact that these addresses are contained in the data dump and are also recognized by the forum suggests that the data is legitimate…Read more>>