Back

B1ack's Stash Releases Millions of Stolen Credit Card Records

Severity: High (Score: 68.0)

Sources: Scworld, Securityaffairs.Co

Published: 2026-05-21 · Updated: 2026-05-21

Keywords: b1ack, stash, stolen, card, carding, forum, millions

Severity indicators: credit card

Summary

B1ack's Stash, a prominent carding forum, has released approximately 4.6 million stolen credit card records for free. The data includes full card numbers, expiration dates, CVV2 codes, and personal information such as names and addresses. Analysis indicates that the data was likely collected through e-skimming or phishing attacks. Around 70% of the compromised cards are linked to the United States, with significant numbers from Canada, the UK, France, and Malaysia. This release is a marketing tactic aimed at attracting new users to the forum. The immediate risk includes a rise in card-not-present fraud and potential identity theft. The release was not prompted by law enforcement action or a system compromise, but rather a strategic decision by B1ack's Stash. The situation poses a significant threat to consumers and financial institutions alike. Key Points: • B1ack's Stash released 4.6 million stolen credit card records for free. • The data includes sensitive information like card numbers, CVV2 codes, and personal details. • 70% of the compromised cards are linked to the United States, indicating a broad impact.

Detailed Analysis

**Impact** Approximately 4.3 to 4.6 million stolen credit card records have been released for free, primarily affecting cardholders in the United States (70%), with additional victims in Canada, the United Kingdom, France, and Malaysia. The data includes full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses. This exposure increases the risk of card-not-present fraud, identity theft, and targeted phishing attacks across multiple sectors and regions. The release may also disrupt payment processing and increase fraud-related operational costs for financial institutions and merchants. **Technical Details** The data was likely collected through e-skimming or phishing attacks, as indicated by the completeness of the stolen information. No specific malware, CVEs, or infrastructure details were provided. The release was conducted by B1ack’s Stash, a known carding forum, which suspended sellers and distributed the data freely as a marketing tactic. Indicators of compromise (IOCs) such as specific IP addresses or malware signatures were not disclosed. **Recommended Response** Organizations should monitor for increased card-not-present fraud and enhance detection of phishing campaigns leveraging the exposed personal data. Financial institutions and merchants should tighten transaction monitoring and implement multi-factor authentication where possible. Customers should be advised to review statements for unauthorized transactions and consider card replacement. No specific patches or configurations were identified; defenders should focus on threat intelligence updates and behavioral anomaly detection.

Source articles (2)

  • Carding forum B1ack's Stash releases millions of stolen credit card records — Scworld · 2026-05-21
    The released data, analyzed by SOCRadar, is unusually comprehensive, including full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and…
  • Carding site B1ack’s Stash dumps 4.6 Million stolen cards for free — Securityaffairs.Co · 2026-05-20
    Carding forum B1ack’s Stash claims to have released millions of stolen CVV2 payment card records for free after suspending sellers. B1ack’s Stash, one of the most active stolen card marketplaces on th…

Timeline

  • 2026-05-20 — B1ack's Stash releases stolen card records: The forum dumped 4.6 million stolen credit card records for free, claiming no law enforcement action prompted the release.
  • 2026-05-21 — Analysis of released data: SOCRadar analyzed the released data, confirming its comprehensiveness and potential for misuse in fraud and identity theft.

Related entities

  • Data Breach (Attack Type)
  • Phishing (Attack Type)
  • Canada (Country)
  • France (Country)
  • Malaysia (Country)
  • United Kingdom (Country)
  • United States (Country)
  • T1566 - Phishing (Mitre Attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed