Allegedly, a threat actor has emerged on the dark web scene, offering unauthorized access to a cPanel account affiliated with Nuvei, a distinguished provider of technology-driven global payment processing solutions. The actor boasts of possessing a trove of sensitive information within the compromised account, encompassing critical data points such as BIN numbers, the last four digits of credit cards, expiration dates, bank names, card types, last names, first names, addresses, cities, zip codes, emails, phone numbers, and more.
According to the actor’s claims, this comprehensive dataset can be conveniently exported in either XLSX or CSV format, heightening the potential risks associated with unauthorized access. Astonishingly, the daily transaction volume processed through this compromised account is estimated to reach a staggering $320,000, underscoring the significant financial implications for both Nuvei and its clientele. The actor has set the starting price for this illicit offering at $10,000, signaling a severe threat to the integrity of financial transactions and the privacy of individuals involved in the payment ecosystem.