South Korean Breach Exposes Over 1 Million Payment Cards

[[correlate]]

Content source

https://geminiadvisory.io/south-korean-breach-exposes-over-1-million-payment-cards/?fbclid=IwAR0gGg8T5AYHI7wz6bi4X4XQpWowBCK3d6WGLJXUO60nJGXkx5CxtPNZ0uk

Key Findings

• While the entire Asia Pacific (APAC) region is experiencing a noticeable uptick in attacks against brick-and-mortar and e-commerce businesses, South Korea has emerged as the largest victim of Card Present (CP) data theft by a wide margin.
• Gemini Advisory observed a spike in South Korean-issued CP records that currently consists of over 1 million records posted for sale in the dark web since May 29, 2019.
• While the exact compromised point of purchase (CPP) remains unclear, these records may have been obtained from the breach of a parent company that operates several different businesses in a variety of locations. It is also possible that a point-of-sale (POS) integrator was breached, allowing a threat actor access to a single integrator service that interfaces with many merchants.
• As the global trend towards increasingly targeting non-Western countries continues, Gemini Advisory assesses with a moderate degree of confidence that both the supply and demand for South Korean-issued CP records in the dark web will likely increase.

South Korean Breach Exposes Over 1 Million Payment Cards

Asia Pacific (APAC) is experiencing a rise in brick-and-mortar and e-commerce breaches, while South Korea has emerged as the largest victim of CP attacks.

geminiadvisory.io