Update (Jan 5th, 2012): The mechanism has been updated with the latest leak of additional cards, and now covers just over 30,000 unique credit card numbers.
We have set up a simple and secure system to check a given credit card number against the leaked credit card numbers that were posted on January 3rd, 2012. Our database does NOT contain the actual credit card numbers; instead, the mechanism verifies whether a hash of the last 6 digits of a card exists in the hashed database that we host. This allows a given card to be checked securely without providing excessive details from the card. Additionally, we do not keep any information submitted during the test on our website. (The following form is in Hebrew: simply choose the card type from the drop-down list and enter the card’s last 6 digits.)
How the test was developed:
- Information from the leaked database has been aggregated and scraped for any relevant credit-card information.
- All the numbers have been merged into a single file (which contains 18594 unique numbers – including “illegal” ones such as 0000000000000000).
- From the merged file, only the last 6 digits of each card were left.
- Each 6-digit number has been securely hashed (with a salt) and the resulting hashed numbers were collected in a small database.
- The verification process is run against the hashes database. When a number is entered for testing, it is hashed and compared against the database to find a match. This process does not expose any unnecessary information such as the full card number or the user's email, and does not require us to store the entire list of hacked numbers on our servers.
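The steps above, sketched as an added example (this is not the code behind the original form): it assumes the salt is a server-side secret used as an HMAC-SHA-256 key, and every name and sample number in it is constructed.

```python
import hashlib
import hmac
import re

# Constructed sample input (test-style numbers, not taken from the leak).
SAMPLE_LEAK = [
    "4111 1111 1111 1111",
    "5500-0000-0000-0004",
    "0000000000000000",   # "illegal" number, kept as in the merged file
    "4111111111111111",   # duplicate of the first entry
]

# Assumption: the "salt" is a secret that never leaves the server.
SECRET_SALT = b"constructed-example-salt"


def last6(card_number: str) -> str:
    """Strip spaces and dashes, then return the last 6 digits."""
    digits = re.sub(r"[ \-]", "", card_number)
    if not re.fullmatch(r"[0-9]{6,}", digits):
        raise ValueError("expected at least 6 ASCII digits")
    return digits[-6:]


def hash_suffix(suffix: str, salt: bytes = SECRET_SALT) -> str:
    """Keyed hash of a 6-digit suffix (HMAC-SHA-256 is an assumption)."""
    return hmac.new(salt, suffix.encode("ascii"), hashlib.sha256).hexdigest()


def build_hash_db(numbers, salt: bytes = SECRET_SALT) -> frozenset:
    """Merge, keep only the last 6 digits, hash; duplicates collapse."""
    return frozenset(hash_suffix(last6(n), salt) for n in numbers)


def is_in_leak(user_input: str, db: frozenset, salt: bytes = SECRET_SALT) -> bool:
    """Hash the submitted digits and look them up; nothing is stored."""
    return hash_suffix(last6(user_input), salt) in db


HASH_DB = build_hash_db(SAMPLE_LEAK)

if __name__ == "__main__":
    for probe in ("111111", "123456", "00-00-04"):
        print(probe, is_in_leak(probe, HASH_DB))
```

Only 1,000,000 six-digit suffixes exist, so the hashes protect nothing if the salt is exposed together with the database. A match also only means that some leaked card ends in the same six digits.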