Back to Blog
high severity May 19, 2026 · 4.6M affected

B1ack's Stash Marketplace Releases 4.6M Stolen Credit Cards

The B1ack's Stash dark web carding site released 4.6 million stolen credit card records for free download in response to seller misconduct. The dataset includes card numbers, CVV, expiration dates, names, addresses, emails, phones, and IPs. SOCRadar validated many records as new and usable, raising risks of widespread fraud.

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
B1ack's Stash Marketplace Releases 4.6M Stolen Credit Cards
Data exposed:
  • payment-card
  • personal-information
  • addresses
  • contact-info

A dark web marketplace known as B1ack's Stash released 4.6 million stolen credit card records for free download on May 19, 2026, after accusing certain sellers of misconduct. The dataset contains full payment card details along with associated personal information, including names, physical addresses, email addresses, phone numbers, and IP addresses. Available reporting indicates that anyone who obtains the archive can immediately exploit the records for fraud, identity theft, and further data enrichment.

Public reporting from SecurityWeek confirms the marketplace operator distributed the files without restriction in retaliation against perceived seller violations. SOCRadar examined samples from the release and determined that a substantial portion of the records appeared new, valid, and directly usable for carding activity. The breach exposes not only financial data but also contact and location details that can be cross-referenced with other compromised sources to build complete victim profiles.

You've read 2 of 2 free articles today — reset tomorrow.

Want the rest of this breakdown?

Sign up free to keep reading. Members get extended access, the weekly breach digest, and a complimentary Warden™ to see if their identity is exposed in the breaches we cover.

Get Protected →
Already have an account? Log in →
Full breach archive
Weekly threat digest
30 days of Warden Plus included
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.