Here's exactly how much your stolen credit card info is worth to hackers


A person wearing a balaclava is silhouetted as he poses with a laptop in front of a screen projected with the word 'cyber' and binary code, in this picture illustration taken in Zenica October 29, 2014.   REUTERS/Dado Ruvic

Thomson Reuters

Picture illustration of person posing with laptop in front of projection with word 'cyber' and binary code in Zenica


The "Dark Web" houses the seedy corner of the internet that few truly understand.

And as a new research report highlights, the Dark Web also contains a growing and sophisticated economy with its own marketplaces where our "information is being openly sold," including access to stolen financial account and card details.

Complimentary Tech Event
Discover the future of SaaS in India
The 6-part video series will capture the vision of Indian SaaS leaders and highlight the potential for the sector in the decades to come.29th Sep, 2022 Starts at 04:00 PM (35 mins)Register Now
Our Speakers
Beerud Sheth
Tim Barens

McAfee Labs recently published its findings after researching these hidden online marketplaces in a document titled, "The Hidden Data Economy," and it offers a look at how our information is valued after its been stolen.

According to McAfee Labs, the more data a cyber thief can collect - particularly with credit or debit cards - the more it's worth. Along with a credit card number, these are some of the things that increase the value of your information:


  • "CVV" is the industry acronym for card verification value. CVV1 is a unique three-digit value encoded on the magnetic stripe of the card. CVV2 is the three-digit value printed on the back of the card.
  • "Software-generated" is a valid combination of a primary account number (PAN), an expiration date, and a CVV2 number that has been generated by software. Sellers refer to a valid number combination as a "Random." Valid credit card number generators can be purchased or found for free online.
  • "Fullzinfo" means the seller supplies all of the details about the card and its owner, such as full name, billing address, payment card number, expiration date, PIN number, social security number, mother's maiden name, date of birth, and CVV2.

McAfee researchers estimate that basic details for Visa, MasterCard, Amex, or Discover cards, which includes the card number and software-generated information, can see an asking price ranging from $5 in the US to $25-30 in Europe.

"Fullzinfo" is considered the most valuable amount of information. In the US, the estimated per card price stands at $30, while in Europe it runs around $40.

Aside from selling their stolen information on different geographical marketplaces, another way hackers can ask for more money is by also providing an account balance. A "dump track" - or "information electronically copied from the magnetic stripe on the back of credit and debit cards" - with a high balance can sell for between $110 and $1190.

Hackers are also able to occasionally get their hands on data that includes COBs, which means the stolen data contains associated login and password information. Once the account credentials are provided to the highest bidder, the buyer can then switch out the shipping or billing address.

Interestingly enough, sellers don't always provide the data to the buyer after the purchase - it would seem there's not always honor among thieves - though McAfee researchers note that "many sellers" do end up following through.


You can read the full McAfee Labs report here.

NOW WATCH: Gigi Hadid is being blackmailed by hackers who say they have her iCloud photos