OP 14 April, 2026 - 10:14 PM
A listing on a hacker forum claims access to thousands of payment records, including card numbers and security codes. Experts warn users to act immediately to protect their accounts from fraud and unauthorized charges.
A threat actor on a well-known hacker forum is claiming to be selling a database containing 200,000 payment card records, allegedly tied to American Express users.
Researchers at Cybernews dug into the data sample provided with the listing and found 27 records containing extensive financial data, including:
Full credit card numbers
CVVs
PIN codes
Card expiration dates
Balances
Cardholder names
Home addresses
Despite the seller’s claim, the data isn’t exclusive to American Express. The sample includes cards issued by Visa and Mastercard, hinting that the dataset may be stitched together from multiple breaches or sources.
With no access to the full dataset, the claimed 200,000 records remain unverified.
![[Image: Entry-on-hacker-forum.png]](https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fi.postimg.cc%2F52yXVJKV%2FEntry-on-hacker-forum.png)
How could the stolen credit card data be exploited?
What makes this kind of dataset especially dangerous is that it is a ready-to-use fraud kit. With full card details paired with personal information, attackers can commit financial fraud and identity theft.
Stolen data like this can be rapidly monetized by exploiting credit card data. It can also be resold across underground markets or used in targeted scams that feel alarmingly legitimate to the victim.
Cybernews previously reported on a case in which scammers posed as Wise support staff. They used the victim's real name, phone number, and credit card details to sound extremely convincing.
How does this kind of data end up for sale?
Large collections of payment data rarely come from a single leak. More often, they’re the result of multiple weak points lining up in the worst possible way.
One common entry point is compromised e-commerce platforms. If companies store payment data improperly, especially without encryption, attackers can, after compromising a single platform, walk away with massive volumes of sensitive information. Misconfigured databases left exposed online can have the same effect.
Infostealer malware is another major pipeline. Once it infects a device, it quietly siphons saved credentials, browser autofill data, and sometimes even payment details, bundling them for resale.
Then there’s the human factor. Fake online shops, phishing pages, or direct scams can trick users into handing over their card details without realizing it. One careless click can turn into a permanent entry in a dataset like this.
“Given the scale claimed by the threat actor, it’s more likely the data comes from compromised e-commerce platforms or infostealers,” Cybernews researchers noted.
Source:
CyberNews
https://cybernews.com/security/visa-mast...d-dataset/
A threat actor on a well-known hacker forum is claiming to be selling a database containing 200,000 payment card records, allegedly tied to American Express users.
Researchers at Cybernews dug into the data sample provided with the listing and found 27 records containing extensive financial data, including:
Full credit card numbers
CVVs
PIN codes
Card expiration dates
Balances
Cardholder names
Home addresses
Despite the seller’s claim, the data isn’t exclusive to American Express. The sample includes cards issued by Visa and Mastercard, hinting that the dataset may be stitched together from multiple breaches or sources.
With no access to the full dataset, the claimed 200,000 records remain unverified.
How could the stolen credit card data be exploited?
What makes this kind of dataset especially dangerous is that it is a ready-to-use fraud kit. With full card details paired with personal information, attackers can commit financial fraud and identity theft.
Stolen data like this can be rapidly monetized by exploiting credit card data. It can also be resold across underground markets or used in targeted scams that feel alarmingly legitimate to the victim.
Cybernews previously reported on a case in which scammers posed as Wise support staff. They used the victim's real name, phone number, and credit card details to sound extremely convincing.
How does this kind of data end up for sale?
Large collections of payment data rarely come from a single leak. More often, they’re the result of multiple weak points lining up in the worst possible way.
One common entry point is compromised e-commerce platforms. If companies store payment data improperly, especially without encryption, attackers can, after compromising a single platform, walk away with massive volumes of sensitive information. Misconfigured databases left exposed online can have the same effect.
Infostealer malware is another major pipeline. Once it infects a device, it quietly siphons saved credentials, browser autofill data, and sometimes even payment details, bundling them for resale.
Then there’s the human factor. Fake online shops, phishing pages, or direct scams can trick users into handing over their card details without realizing it. One careless click can turn into a permanent entry in a dataset like this.
“Given the scale claimed by the threat actor, it’s more likely the data comes from compromised e-commerce platforms or infostealers,” Cybernews researchers noted.
Source:
CyberNews
https://cybernews.com/security/visa-mast...d-dataset/