Carding Mafia, a forum for trading stolen credit cards, has suffered a data breach, which exposed almost 300,000 of user accounts. The incident was first reported by data breach notification service Have I Been Pwned.
According to the service, the data breach allegedly took place on March 18, 2021 and led to the exposure of 297,744 user accounts. The compromised data includes email addresses, IP addresses, passwords, and usernames.
The founder of Have I Been Pwned Troy Hunt told Motherboard Vice that the compromised data appears to be legitimate. He said that the database included Mailinator email addresses and he was able to confirm their validity using the Forgot Password feature.
Mailinator is a disposable email service, which lets people use anonymous emails for free.
“Usually Mailinator email addresses are created for one purpose and are not reused; the fact that these addresses are contained in the data dump and are also recognized by the forum suggests that the data is legitimate,” Motherboard wrote.
The news outlet also said it found a message on one of the hacking forums offering the database containing 990 GB of data allegedly stolen from Carding Mafia for free. According to the announcement, the database included “290,000 users, 660,000 posts, and 130,000 threads.”