BidenCash Releases Another Batch of Cards


NOTE: This post was originally written in March 2023 in my old blog.

On 28th February, a user affiliated with the carding marketplace BidenCash posted on XSS forum that they are releasing a dataset, containing 2,165,701 payment card details, to celebrate their 1-year anniversary. It should be noted, that this is not the first “charity” action of the BidenCash marketplace; in fact, this is their third time of free data release. Yes, sharing is caring, of course; however, the only real reason behind the free release of dataset is marketing and attracting more potential clients to their marketplace.

Compromised data include payment card numbers, expiration dates, CVV numbers, bank names, payment card types, full names of cardholders, physical addresses, email addresses, phone numbers.

A threat intelligence company, Cyble made a nice and short write-up about this case, as well as about previous cases of BidenCash’s release of data. However, I wanted to check what are the “numbers” of cardholders from Nordic countries (sorry, Iceland, I forgot about you). The majority of cards are still valid, i.e. not expired.

  • Sweden: 3262
  • Norway: 2391
  • Denmark: 801
  • Finland: 496
  • Estonia: 176

Credit card holders:

  • Denmark: 163
  • Estonia: 50
  • Finland: 210
  • Norway: 253
  • Sweden: 508

Debit card holders:

  • Denmark: 631
  • Estonia: 126
  • Finland: 280
  • Norway: 2116
  • Sweden: 2735

These kinds of PII and financial data leaks will increase fraudulent activities. Chances are high that victims found in the dataset will be targeted multiple times, not only in “purely” financial related attacks, but also in phishing and identity theft attacks.

,