Dark web marketplace leaks 345,000 credit card records using AI
08 May 2026
A dark web marketplace, dubbed "Jerry's Store," has inadvertently leaked over 345,000 credit card records.
The breach was triggered by the platform's heavy reliance on artificial intelligence (AI) coding tools for its infrastructure.
Cybernews researchers discovered an unsecured server linked to Jerry's Store, which allegedly sold stolen payment card information and provided tools for buyers to check if the cards were still active before purchasing.
Jerry's Store relied on AI coding tool for infrastructure
Risk exposure
The leak was caused by the operators of Jerry's Store using AI coding assistants to build their infrastructure, but not securing what these tools generated.
The platform's infrastructure was built using Cursor, an AI-powered coding assistant from US software company Anysphere.
While Cursor is a legitimate development tool widely used by programmers, its heavy use by the operators for creating backend systems and internal staff dashboards led to problems when vague instructions were given without proper security checks afterward.
Exposed web dashboard accessible through browser
Data exposure
The vague instructions given to the AI system resulted in an exposed web dashboard that was directly accessible through a browser, with no password protection or authentication barriers.
Cybernews discovered the server on April 16 and found that sensitive information had been left open to the internet.
The leaked data included some 145,000 "valid" payment card records containing full card numbers, expiry dates, CVV security codes, as well as names and billing addresses.
Leak provided card verification service for criminals
Operational details
The exposed platform worked as a card verification service for criminals purchasing stolen payment details online.
Instead of just selling untested card data, the system verified whether cards were still active by conducting real-world payment tests through legitimate companies.
The operators created fake accounts on platforms such as Amazon, Grubhub, Sam's Club, Temu, Lyft, Elf Cosmetics, and CountryMax to test if the cards remained functional.
Request to create statistics dashboard led to leak
Leak investigation
The leak was traced back to a single request in the operators' chat history with Cursor.
One of the administrators had asked the AI system to generate a statistics dashboard, which it did, but was later deployed online without any security protections.
Cybernews said this case highlights how AI tools like Cursor can lead to accidental data leaks even when used for legitimate purposes by developers.
-
Keir Starmer's biggest fans - the 2 MPs still trying to convince him not to quit
-
Sakshi Malik backs Vinesh Phogat, urges PM Modi, WFI to allow comeback
-
Labour minister left stuttering over Keir Starmer exit question as GMB turns tense
-
BJP District Office Burgled Ahead of Assam Government Swearing-In
-
People with log burners have been told of a May mistake 'with £300 fine'
