Cybercrime B1ack’s Stash Marketplace Gives Away 4.6 Million Stolen Credit Cards The stolen credit card data was released as a free download, allegedly in response to seller misconduct. By Ionut Arghire | May 19, 2026 (7:59 AM ET) Flipboard Reddit Whatsapp Whatsapp Email The notorious B1ack’s Stash dark web carding marketplace has announced the free download of 4.6 million stolen credit card records. The data, it says, was dumped after sellers were caught reselling card data purchased from B1ack’s Stash on competing platforms, a violation of the marketplace’s policies. B1ack’s Stash allegedly suspended 8 million stolen CVV2 records in response to the sellers’ misconduct, and decided to release the card data for free, instead of deleting it from its inventory. According to SOCRadar , the released data includes full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses. Based on the availability of full card details and payment data, the information was likely stolen as part of e-skimming or phishing operations, SOCRadar says. The cybersecurity firm says it has validated the authenticity of some of the records. Analysis of the data showed that some of the cards had expired or were duplicate entries. Advertisement. Scroll to continue reading. Overall, 4.3 million records appear to be new and likely usable for illicit activities, SOCRadar says. The stolen credit cards are sourced worldwide, but approximately 70% of them are from the US. Canada, the UK, France, and Malaysia round out the top five. “The presence of Asian financial hubs like Hong Kong, Singapore, Thailand, and Malaysia in the top 15 suggests the dataset is not solely the product of a single regional operation, but draws from multiple skimming or phishing campaigns targeting English-speaking and high-purchasing-power markets globally,” SOCRadar notes. B1ack’s Stash has been operating on the dark web since at least 2023, becoming one of the most active shops for stolen credit card data. In April 2024, the marketplace offered 1 million credit cards to anyone who registered. In February 2025, it released over 4 million stolen credit cards for free, likely to attract more users. The newly dumped cards are expected to fuel card-not-present (CNP) fraud activities, such as illicit online purchases. The accompanying information may allow cybercriminals to open fraudulent accounts, apply for credit, or launch convincing phishing attacks. “The richness of the leaked records – full PAN, CVV2, expiration date, billing address, full name, email, phone, and IP address in a single entry – creates compounding risks that go well beyond simple card fraud,” SOCRadar says. Related: Chilean Carding Shop Operator Extradited to US Related: Carding Marketplace BidenCash Shut Down by Authorities Related: US Announces Charges, Sanctions Against Russian Administrator of Carding Website Related: Underground Carding Marketplace Joker’s Stash Announces Shutdown Written By Ionut Arghire Ionut Arghire is an international correspondent for SecurityWeek. More from Ionut Arghire First Shai-Hulud Worm Clones Emerge Exploitation of Critical NGINX Vulnerability Begins PoC Code Published for Critical NGINX Vulnerability OpenAI Hit by TanStack Supply Chain Attack TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code Chrome 148 Update Patches Critical Vulnerabilities Chinese APTs Expand Targets, Update Backdoors in Recent Campaigns F5 Patches Over 50 Vulnerabilities Latest News Cyber Resilience is the New Business Continuity Plan 201 Arrested in Crackdown on Cybercrime in Middle East, North Africa PoC Released for DirtyDecrypt Linux Kernel Vulnerability Critical Vulnerability Exposes Industrial Robot Fleets to Hacking Millions Impacted Across Several US Healthcare Data Breaches ‘Claw Chain’ OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE Trending Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: Third-Party Risk in Practice June 4, 2026 Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice. Register Virtual Event: Threat Detection and Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register People on the Move Tim Byrd has been appointed Chief Information Security Officer at First Citizens Bank. IRONSCALES has named Steve McKenzie as Chief Operating Officer. Silvio Pappalardo has joined AuthMind as Chief Revenue Officer. More People On The Move Expert Insights Cyber Resilience is the New Business Continuity Plan The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. (Steve Durbin) Enhancing Data Center Security Without Sacrificing Performance For AI data centers, where the stakes are the highest and performance constraints are the tightest, security and performance are no longer a zero-sum game. (Nadir Izrael) Is the SOC Obsolete, and We Just Haven’t Admitted It Yet? Many AI-first enterprises have already embraced sovereign architectures for general AI initiatives; cybersecurity—and the SOC—should be next. (Danelle Au) The Mythos Moment: Enterprises Must Fight Agents with Agents Only with the right platform and an agentic, AI-driven defense, will enterprises be able to protect themselves in the agentic era. (Etay Maor) Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents From autonomous code generation to decision-making systems that initiate actions without human intervention, the industry is entering a new phase. (Torsten George) Flipboard Reddit Whatsapp Whatsapp Email