Data Security Carding forum B1ack’s Stash releases millions of stolen credit card records May 20, 2026 Share By SC Staff Credit cards and lock on keyboard. The dark web carding forum B1ack's Stash has released approximately 4.6 million stolen credit card records for free. This action was reportedly taken as a disciplinary measure against sellers who violated the platform's terms of service by reselling data on competing sites, as reported by Security Affairs. The released data, analyzed by SOCRadar, is unusually comprehensive, including full card numbers, expiration dates, CVV2 codes, cardholder names, billing addresses, email addresses, phone numbers, and IP addresses. Analysis suggests that e-skimming or phishing were the likely methods of data collection, given the completeness of the information. While some records were found to be expired or duplicates, an estimated 4.3 million records are considered fresh and potentially usable. The majority of the compromised cards, around 70%, are linked to the United States, with Canada, the United Kingdom, France, and Malaysia also significantly represented. This broad geographic distribution indicates the operation is not confined to a single region. B1ack's Stash has a history of using free data releases as a marketing tactic to attract new users and gain notoriety within the cybercrime community. The immediate risks include an increase in card-not-present fraud, while the extensive personal data also facilitates more sophisticated attacks like identity theft and targeted phishing campaigns. Source: Security Affairs SC Staff Related Data Security Trump Mobile phone provider reportedly leaking customer data SC Staff May 20, 2026 A pair of YouTubers say their personal information, including mailing and email addresses, was leaked after they purchased the Trump Mobile T1 phone. Encryption Discord implements end-to-end encryption for voice and video calls SC Staff May 20, 2026 The popular platform, which serves an estimated 690 million registered users, extended its open-source DAVE encryption protocol to cover all its clients, including desktop, mobile, web browsers, and gaming consoles. Data Security Hotel check-in system exposed over 1 million customer passports SC Staff May 18, 2026 The exposed data belonged to users of Tabiq, a system maintained by Japanese tech startup Reqrea that utilizes facial recognition and document scanning for hotel check-ins. Related Events Cybercast Beyond the Hype: The Cybersecurity Trends CISOs are Keeping an Eye on in 2026 On-Demand Event Cybercast Beyond the data perimeter: Why next-generation DSPM is the foundation for modern data security On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Bit Byte Checksum Ciphertext Cyclic Redundancy Check (CRC) Data Aggregation Data Encryption Standard (DES) Decryption Digital Signature Digital Signature Standard (DSS) You can skip this ad in 5 seconds