Binary Defense analyzed the claims made on the Maze data leak site. The criminals claim that they could have sold the card records on marketplaces for millions of dollars but chose to demand a ransom payment from the bank instead. Some of the 240 card details released were consistent with “track 2” records that are encoded onto the magnetic stripe of credit cards, while others contain the information printed or embossed on cards. It is possible that the Maze actors are bluffing, and that the card records used as “proof” were purchased from carding shops or other criminal marketplaces, rather than having been stolen from Banco BCR directly. It is also possible that many of the claimed four million unique card records are expired or cancelled accounts, making them less valuable to sell to other criminals. It is unlikely that the Maze threat actors had the bank customers’ best interests in mind. Having a secure network is paramount to any organization—companies should perform regular penetration testing of their systems by using legitimate companies such as TrustedSec. A penetration test can discover and report the flaws in security controls and recommend methods to remedy those flaws. It is also recommended for companies to monitor their network, workstations and servers for any intrusions so that they can be quickly contained before attackers have the chance to steal data. Binary Defense has the capability to provide 24-hour a day monitoring of a company’s endpoints to detect and defend from intrusions. Customers of Banco BCR should contact the bank to see if they are at risk and to monitor their credit card accounts for suspicious activity.

To read more: https://www.bleepingcomputer.com/news/security/hackers-say-they-stole-millions-of-credit-cards-from-banco-bcr/