Central Coast Council in NSW Falls Victim to Carding Attack
Central Coast Council in New South Wales (NSW) seems to have fallen victim to a carding attack, where cybercriminals use the council's payment system to validate card numbers. The council issued a statement on Thursday, suggesting that the attack "may have impacted any card holders across Australia, not just those who transact with the council."
A carding attack involves validating stolen credit card information by making small transactions, usually less than a dollar, to confirm the cards' authenticity. This incident raises concerns about potential risks for cardholders beyond the council's transactions, highlighting the need for increased cybersecurity measures and vigilance to prevent such attacks. The council is likely working to address the security breach and safeguard affected individuals against potential fraudulent activities.
Central Coast Council has responded to the carding attack by taking its online payment channel offline. The incident is under investigation by both the council and its payments gateway provider, although the provider is not named in the reports.
According to the council's statement, "suspicious activity" was identified late on Wednesday. The attackers tested a series of "random card numbers" for authenticity by making small payments to the council. By taking the online payment channel offline, the council aims to contain the situation, investigate the extent of the breach, and implement necessary security measures to prevent further unauthorized activities.
The Central Coast Council reported that while hundreds of payment attempts were rejected, fewer than 20 were successful in the carding attack. The council acknowledged that it is not the sole organization affected by the incident, indicating that other entities using the same payments service may have also experienced impacts.
The nature of the attack aligns with characteristics of a carding or credit card stuffing attack. In such attacks, cybercriminals attempt to validate stolen credit card information by making small transactions, often less than a dollar, to confirm the legitimacy of the card details. The involvement of multiple organizations suggests a broader threat landscape, and it underscores the need for heightened cybersecurity measures and collaboration to address such incidents.
Carding is an automated form of payment fraud in which fraudsters validate a large list of credit or debit card data against a merchant's payment processing system. This is typically done to verify the legitimacy of breached or stolen card details.
Credential stuffing is a different form of cyber threat. It involves using previously breached username and password combinations to gain unauthorized access to user accounts on various platforms, taking advantage of individuals who reuse passwords across different online services.
Both carding and credential stuffing attacks are concerning cybersecurity issues that highlight the importance of robust security measures, including secure payment processing systems, regular monitoring, and user education to prevent falling victim to such malicious activities. The incidents in Australia further emphasize the need for organizations and individuals alike to stay vigilant and implement best practices to safeguard against cyber threats.
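The monitoring mentioned above can be made concrete for the pattern the council described: many small payments on different cards, most of them rejected. The following is an added example, not code from the council or its gateway provider. The record fields, thresholds and sample data are assumptions constructed for illustration.

```python
from collections import deque
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Attempt:
    ts: datetime
    card_token: str   # tokenised card reference, never the raw card number
    amount: float     # AUD
    approved: bool

def carding_alerts(attempts, window=timedelta(minutes=10), min_attempts=20,
                   min_distinct_cards=15, max_amount=1.00,
                   min_decline_ratio=0.8):
    """Return timestamps where the trailing window looks like card testing.

    Signal (thresholds are assumed values to tune per merchant): many
    small-value attempts, spread over many distinct cards, mostly declined.
    """
    recent, alerts = deque(), []
    for a in sorted(attempts, key=lambda x: x.ts):
        if a.amount > max_amount:
            continue  # ordinary bill payments do not feed the signal
        recent.append(a)
        while recent[0].ts < a.ts - window:
            recent.popleft()  # drop attempts older than the window
        cards = {r.card_token for r in recent}
        declined = sum(not r.approved for r in recent)
        if (len(recent) >= min_attempts
                and len(cards) >= min_distinct_cards
                and declined / len(recent) >= min_decline_ratio):
            alerts.append(a.ts)
    return alerts

def constructed_sample():
    """Constructed data: 6 normal payments, then 40 test charges in 4 minutes."""
    base = datetime(2024, 1, 1, 22, 0, 0)  # arbitrary constructed date
    normal = [Attempt(base + timedelta(minutes=7 * i), f"tok-n{i}", 412.50, True)
              for i in range(6)]
    burst = [Attempt(base + timedelta(minutes=60, seconds=6 * i), f"tok-b{i}",
                     0.50, i % 10 == 0)  # one in ten is approved
             for i in range(40)]
    return normal + burst

if __name__ == "__main__":
    hits = carding_alerts(constructed_sample())
    print(f"{len(hits)} alerting attempts, first at {hits[0]}")
```

On the constructed data the first alert fires on the 20th small-value attempt, under two minutes into the burst, which is the point at which a payment channel could be rate-limited or challenged rather than taken offline after the fact.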