Attackers were able to create phony debit accounts through Tampa Bay Federal Credit Union’s (TBFCU) Bank Identification Number (BIN) which is the first six digits on a debit card. Once the BIN’s were obtained, software from the dark web was used to link them to actual members of TBFCU. TBFCU commented on the situation saying, “This was a situation where the ‘bad guys’ tried using sophisticated software to perpetrate fraud without having any other card or personal information needed to be successful.” They also reassured that no customers suffered from fraudulent attempts, but it led to a large number of customers canceling their cards, leading to long wait times for new cards. Although it is not confirmed, the attack is believed have been perpetrated by threat actors located in Australia.
Analyst Notes
Users are recommended to cancel their current card and order a new one. They could also talk to their bank about what preventative measures they are taking to reduce the chance of an instance like this occurring again.
