What is going on in South Korea? Analysts at GeminiAdvisory.io are reporting a major spike in payment cards. In a report released today, they write, in part:
Gemini Advisory observed 42,000 compromised South Korean-issued CP records posted for sale in the dark web in May 2019, which is generally in line with monthly additions from the past two years. However, June 2019 had 230,000 records, a 448% spike. July was even more drastic with 890,000 records, a 2,019% increase from May’s benchmark amount. This spike currently consists of over 1 million compromised South Korea-issued CP records posted for sale in the dark web since May 29, 2019.
As part of their in-depth analysis, they report:
Among the additions of compromised South Korean CP records, Gemini identified that 3.7% were US-issued cards. One of the most affected US financial institutions was a credit union that primarily serves the US Air Force; the Air Force maintains multiple air bases in South Korea. Through an in-depth analysis of the compromised cards, analysts determined that many of them belong to US cardholders visiting South Korea. Since South Korea has received just over 1 million US travelers in the past 12 months, this should account for the high level of US payment records.
Read more on GeminiAdvisory.io.