A batch of freshly stolen credit and debit cards have been offered for sale on an underground store that was also used by cybercriminals after the Target breach.
Security blogger Brian Krebs noticed the cards on rescator[dot]so and, after contacting several banks, found out that the cards had been used at P.F. Chang’s dining restaurants from March until May 19.
Founded in 1993, P.F. Chang’s China Bistros has about 204 locations in the United States, Puerto Rico, Mexico, Canada, Argentina, Chile and the Middle East.
However, according to Brian Krebs, the batch of stolen cards have been used in locations in the US only, like Florida, Maryland, New Jersey, Pennsylvania, Nevada and North Carolina.
The company declared that they take “these matters very seriously and is currently investigating the situation.”
Cooperation with law enforcement has also begun in order to find details about how the malicious software reached the cash registers in order to record the mag stripe data of the cards.
There is no information about the number of cards that have been stolen, as the cybercriminal listed 100 pages of results, with items priced between $18 (13EUR) and $140 (104 EUR).
Apparently, the breach has been carried out by Russians, as the owner of the data instructs customers to transfer the money between June 10 and 11 because “12, 13, 14, 15 of June are the government holidays.” As Krebs notes, “June 12 is 'Russia Day,' a national holiday in Russia since 1992.”