one of the most reputable underground stores to purchase stolen credit card information, is also hacked. The stolen data from BriansClub includes over 26 million debit and credit card data retrieved from hacked brick-and mortar and online stores in the last four years. This includes nearly eight million records that were uploaded to the site in the year 2019 alone. briansclub

The month before, KrebsOnSecurity was contacted by someone who provided a plain text document with what was believed to be the complete catalog of cards that are available at present and in the past through BriansClubat. at, a popular scam bazaar named after the author. Imitating my site, image and even the name BriansClub even boasts of the copyright, with a reference at the bottom of every webpage: "(c) 2019 Crabs on Security."

Many people who viewed the database that I shared with my source have confirmed that the exact credit card data can be located in a different form simply by browsing the BriansClub Website that has a valid, well-funded account.

The data on the cards taken from BriansClub has been shared various sources that work with financial institutions to detect and monitor or reissue card which are advertised on criminal underground. briansclub

 The leaked data indicates how in the 2015 year, BriansClub had just 1.7 million card records available for sale. However, business would grow over the following years in 2016: BriansClub released 2.89 million cards stolen, while 2017 saw the addition of 4.9 million new cards uploaded; 2018 saw 9.2 millions more.

In the months between January and of 2019 (when the database's snapshot was made), BriansClub added roughly 7.6 million cards.

A majority of the products available at BriansClub is "dumps," strings of zeros and ones thatwhen encoded on anything that has a magnetic stripe of similar to the credit card could be utilized by thieves to purchase electronic devices, gift cards, and other expensive items from large box stores.

In this table (taken from federal hacking cases that involve stolen credit cards are used to for the purposes of sentencing value each record of stolen cards as that is designed to reflect the loss per cardholder who was compromised.

There's no method to determine which of BriansClub's more than 26 million cards on sale at BriansClub remain in use, however the most accurate approximate estimate -- the number of un-sold cards with expiration dates to come in the future means that the more than 14 million might still be valid.

The archive also shows that who the proprietor(s) of BriansClub often uploading new sets of stolen cards with a few couple of thousand records as well as hundreds of thousands.

This is because, like other card-based websites, BriansClub mostly resells cards that are stolen by cybercriminalsalso known as affiliates or resellers who make a profit from every sale. It's unclear what percentage of that revenue is distributed in this instance however, it is possible that this information is revealed through future analysis of the stolen database.

In a post titled "Your site has been compromised," BriansClub asked for a response from BriansClub through on the "Support Tickets" page on the website of the carding store and informed its owners that all the card information was transferred to the banks that issue cards.