According to global threat intelligence provider Cyble, the leaked database contains information that includes card numbers, expiry dates, CVV numbers and emails of consumers around the globe. "The subject release of the credit and debit cards data by BidenCash shop is one of the largest leaks of its kind on any of the cybercrime/underground forums in recent times," the company said.

The top countries with the most affected consumers are the United States, with over 675,000 card details leaked, followed by India, Brazil, and the United Kingdom.

Statistical analysis by Cyble has found that American Express was the most impacted bank. Visa was the most affected card type, followed by Mastercard and American Express.

Analysts from the Italian cyber agency D3lab said the card information mainly came from web skimmers, where malicious code is injected into an online payment page such as malware forced into online shops, individual malware attacks or even from breaches of companies that store credit card information.

The BidenCash shop was established in the dark web in April and used promotional strategies such as the mass release of payment card data for free, which made it one of the most popular underground shops.