Genesis Market 2023 Data Breach

Genesis Market Criminal Identity Marketplace Seizure (2023): 8 Million Stolen Identity Packages Including Full Credit Card & Browser Fingerprints Exposed | ObscureIQ
ObscureIQ Breach Intelligence

Classification Tags

Genesis Market operatorsMalware / InfostealerCybercrime: Threat Actor InfrastructureCredit CardCredit Card CvvDate of BirthEmail AddressFull NamePasswordPhone Number
Moderate SeverityWebsite / service breach

Genesis Market Criminal Identity Marketplace Seizure (2023): 8 Million Stolen Identity Packages Including Full Credit Card & Browser Fingerprints Exposed

Criminal marketplace for stolen browser fingerprints and credentials (seized by FBI)

Verified by ObscureIQ Intelligence
37/100Breach Risk Index
28Data Value
10Market Recency
1190dSince Breach

Breach Intelligence Summary

Entity: Genesis Market · Actor: Genesis Market operators (marketplace seized by FBI/Europol/Dutch police, Apr 2023) · Sources: 3 references
Attack: Malware / Infostealer
Profile: Threat Actor Infrastructure · Stolen identity trading and browser fingerprint trafficking · Identity fraud marketplace · Global
Timeline: Breach (2023-04-05) · Indexed (Apr 05, 2023) · Year (2023)
Exposure: 8.0M records · 10 fields: Credit Card, Credit Card Cvv, Date of Birth, Email Address, Full Name, Password, Phone Number, Physical Address, User Agent, Username
Status: Compilation

Executive Summary

In April 2023, the FBI and an international coalition (Europol, Dutch police) seized Genesis Market in "Operation Cookie Monster." Genesis was a criminal marketplace that sold stolen "identity packages" (browser fingerprints, cookies, saved credentials, and full payment-card data) harvested from ~1.5 million malware-infected devices covering 80M+ accounts. Data from the seizure (~8 million records in this dataset) was made available for victim notification. Exposed fields include names, emails, phone numbers, addresses, dates of birth, passwords, full credit cards with CVV, and browser user-agent/fingerprint details. This is a law-enforcement-seized criminal/infostealer dataset, not a breach of a single legitimate organization.

ObscureIQ assessment: Extremely high risk. Exposure can reveal buyers, sellers, and targets of stolen identity packages, enabling law-enforcement targeting, retaliation, and further fraud against already-compromised victims.

Breach Impact

The seized dataset represents victims of infostealer malware whose complete "identity packages" - credentials, full credit-card data and CVV, browser fingerprints, cookies, DOB, contact and address data - were sold to criminals for account takeover and impersonation. For affected individuals the exposure is severe and multi-vector (financial fraud, ATO, identity theft, session hijacking); the law-enforcement seizure and notification are mitigations.

About Genesis Market

Genesis Market was an invitation-only criminal marketplace that sold "bots" - packages of stolen credentials, browser fingerprints, cookies, and session tokens harvested from malware-infected devices, enabling buyers to impersonate victims and bypass authentication. It operated for roughly five years until its April 2023 takedown.

Why They Hold Your Data

Identity-fraud marketplaces collect user accounts, billing records, search activity, and listings tied to stolen identities, browser fingerprints, cookies, and access artifacts.

Recent Developments

On April 4, 2023, the FBI, Europol, and Dutch police seized Genesis Market in "Operation Cookie Monster," with ~120 arrests and 200+ searches worldwide. The marketplace had offered data stolen from 1.5M+ computers covering 80M+ accounts (~460,000 packages listed). Seized data was made available for victim notification (e.g., via Have I Been Pwned).

Data Points Exposed

10 verified field types
Credit Card Critical
Credit Card Cvv
Date of Birth High
Email Address
Full Name High
Password Critical
Phone Number
Physical Address High
User Agent
Username

Field names are shown in full for clarity and search visibility. Canonical machine keys are emitted only in this page’s structured data.

Exploitation & Downstream Threats

Threat Activity:Critical
Primary downstream threats:
  • Financial fraud using full credit-card + CVV data
  • Account takeover via stolen credentials, cookies, and session tokens (MFA-bypass)
  • Identity theft and synthetic identity construction using name + DOB + address
  • Impersonation using browser fingerprints
  • Targeted phishing/SIM-swap using contact data
Threat vectors:
  • Financial account & payment card fraud
  • Session/cookie hijacking & MFA bypass
  • Full identity theft & synthetic identity fraud
  • Browser-fingerprint impersonation
  • Credential stuffing & account takeover
  • SIM swapping & phone targeting

Threat Actor: Genesis Market operators (marketplace seized by FBI/Europol/Dutch police, Apr 2023)

Genesis Market operators (marketplace seized by FBI/Europol/Dutch police, Apr 2023)
Malware / Infostealer

Attribution and method are based on available breach intelligence. Reported attack vector: Malware / Infostealer.

Recommended Actions

If you believe your information may be included:

Change Reused Passwords
Update this account and anywhere you reused the password; use a manager.
Enable MFA Everywhere
Turn on multi-factor authentication on email first, then financial accounts.
Report & Recover
If you spot misuse, start an official recovery plan and report fraud.

Frequently Asked Questions

What happened in the Genesis Market breach?

In April 2023, the FBI and an international coalition (Europol, Dutch police) seized Genesis Market in "Operation Cookie Monster." Genesis was a criminal marketplace that sold stolen "identity packages" (browser fingerprints, cookies, saved credentials, and full payment-card data) harvested from…

What data was exposed?

Verified fields include Credit Card, Credit Card Cvv, Date of Birth, Email Address, Full Name, Password, Phone Number, Physical Address, User Agent, Username.

What should I do if I was affected?

Change reused passwords, enable MFA, and (if identity or financial data is involved) freeze your credit and monitor your accounts.

Sources & References

Every claim on this page is traceable. This breach draws on:

Breach Index
Have I Been Pwned
Record & field corroboration
Cross-source
HackNotice.com
Independent catalogue listing
ObscureIQ Intelligence
ObscureIQ proprietary analysis
Risk Index scoring & downstream-threat assessment

Protect Yourself

Check If You're Affected

Enter your email to check whether your data appears in this breach. We’ll send a 6-digit code to confirm it’s your address.

Get Free Breach Alerts

Be the first to know when new breaches are disclosed. Free forever — confirm your email with a 6-digit code.

High-Risk? Get an Exposure Audit

Executives, public figures, and high-visibility operators can receive tailored exposure intelligence and hardening guidance.

Request Consultation