NEW YORK (CNN) – Home Depot is the latest major U.S. retailer investigating what may have been a “massive” hack of its customers’ credit and debit card information.
Word of a possible breach came amid after a report that a new batch of stolen payment data went up for sale Tuesday on the online black market. Home Depot is investigating a security breach. That means if you’ve shopped there recently, your credit card could be vulnerable.
It’s the latest major retailer targeted by hackers. As more companies are breached, there’s more stolen credit card info floating around the web.
Let’s break down what happens to your data on the black market. A privacy group called the Digital Citizens Alliance says they found a hacker boasting about having credit card numbers they posed as a customer.
Digital Citizens Alliance (DCA): “I’m calling about the credit cards.”
Hacker: “Ok, now did you want CVV’s, Fulls, or Dumps?”
DCA: “I think Fulls, but I’m trying to figure out how many I can buy?”
Hacker: “Do you need the date of birth, social, all that as well?
DCA: “Well, I don’t know. I’m trying to get some cash so I’m looking to buy some stuff so I can sell it.”
Hacker: “Ok, so you’re looking to buy stuff online right?”
Hacker: “Ok, what sites are you planning to target?”
However, before your card number is bought and sold over the phone, you’ll find them for sale on what’s known as “the dark web.”
Think of it as the underbelly of the internet, a network you’re only able to access through Tore, an encrypted browser, known as ‘Tor,” that makes it difficult to identify users.
The average black market price for all the data on your credit card is a little over $100.
If it’s taken from an account on eBay or PayPal it’s cheaper, you’re looking at a price tag of about $27.
The cost to taking control of your bank account? Close to $200.
Also, stolen cards from Asia are worth more than those from the US. Different factors including how quickly your credit card company reacts all play into the black market value.