Sam's Club A.I CyberSecurity Scoring
Sam's Club
Company Information
Website:http://www.samsclub.com
Employees number:47,591
Number of followers:409,679
NAICS:43
Industry Type:Retail
Homepage:samsclub.com
Sam's Club Risk Score (AI oriented)
Between 700 and 749
Sam's ClubRetail
Updated:
30/04/2026
30/04/2026
712/1000
Moderate
Ba
Sam's Club Global Score (TPRM)
xxxx
Sam's ClubRetail
Score locked

Sam's ClubModerate
Current Score
712Ba (MODERATE)
01000
4 incidents
-27 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
717
JUNE 2026
716
MAY 2026
714
APRIL 2026
739
Cyber Attack
16 Apr 2026 • Sam's Club
Amazon, Temu, Sam’s Club, Grubhub, Lyft, CountryMax and Elf Cosmetics: Misconfigured Server Run by Hackers Leaks 345,000 Stolen Credit Cards
AI Coding Error Exposes Massive Stolen Credit Card Database
712
HIGH-27
ELFTEMCOUGRUAMASAMLYF1777580773
AI Coding Error Exposes Massive Stolen Credit Card Database
On 16 April, cybersecurity researchers uncovered a misconfigured server linked to Jerry’s Store, a dark web carding marketplace where hackers verify stolen credit cards. The leak stemmed from an AI-assisted coding mistake, revealing the group’s entire database including 345,000 credit cards, of which 145,000 were active.
The hackers used Cursor, an AI-powered code editor, to build a statistics dashboard. However, the AI generated an unauthenticated open web directory instead of a secure page, exposing the server to public access. Researchers found that Cursor’s lack of safety guardrails allowed the tool to assist in criminal activity without intervention, despite recognizing its use for credit card fraud.
The group tested stolen cards by making small transactions on major platforms, including Amazon (US & JP), Grubhub, Sam’s Club, Temu, Lyft, Elf Cosmetics, and CountryMax. Successful payments confirmed a card’s validity, increasing its dark web value $7 to $18 per card, with the full dataset potentially worth $2.6 million.
The exposed data included card numbers, security codes, cardholder names, and home addresses. Jerry’s Store, launched in late 2023, appears to be operated by a Chinese-speaking individual, though the server was hosted in Germany, likely via a bulletproof hosting provider to evade detection.
While the incident highlights risks in AI-assisted development, researchers noted that the leak also disrupted criminal operations by exposing their methods. Cursor has not yet responded to the findings.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
MARCH 2026
739
FEBRUARY 2026
738
JANUARY 2026
737
DECEMBER 2025
735
NOVEMBER 2025
732
OCTOBER 2025
731
SEPTEMBER 2025
732
AUGUST 2025
730
NOVEMBER 2023
740
Breach
01 Nov 2023 • Sam's Club
Sam’s Club
Sam’s Club Unauthorized Account Access Incident
695
CRITICAL-45
SAM021091825
In mid-November, Sam’s Club reported a data breach where unauthorized individuals gained access to customer accounts using credentials likely obtained from an external source. The incident exposed sensitive personal information, including names, phone numbers, postal addresses, and payment card details. While the exact number of affected customers remains undisclosed, the breach poses significant risks such as identity theft, financial fraud, and reputational damage. The compromised payment card data could lead to fraudulent transactions, while the exposure of personal details increases the likelihood of targeted phishing or social engineering attacks. The breach underscores vulnerabilities in credential security and the potential for cascading harm when third-party credentials are reused across platforms. Customers are advised to monitor their accounts for suspicious activity and update their login credentials to mitigate further risks.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
SEPTEMBER 2020
724
Breach
24 Sep 2020 • Sam's Club
Sam's Club
Sam's Club Data Breach (2020)
679
CRITICAL-45
SAM025091825
The California Office of the Attorney General disclosed a data breach targeting Sam's Club in October 2020, stemming from an incident on September 24, 2020. Unauthorized actors gained access to member accounts using stolen login credentials, compromising personal information of affected individuals. While the exact scope of exposed data was not detailed, such breaches typically involve sensitive details like names, contact information, membership IDs, or payment data—posing risks of identity theft, phishing, or financial fraud. The breach underscored vulnerabilities in credential security, highlighting the need for stronger authentication measures. Sam’s Club likely faced reputational damage and potential regulatory scrutiny, though no evidence suggested systemic operational disruption or ransomware involvement. Customers were advised to monitor accounts and update passwords, but the long-term impact on trust and membership retention remained a concern.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JUNE 2020
811
Ransomware
16 Jun 2020 • Sam's Club
Sam's Club
Potential Security Incident at Sam's Club
722
CRITICAL-89
SAM248032825
Sam's Club, a subsidiary of Walmart, is investigating a potential security incident following claims of a breach by the Clop ransomware gang. Clop has added Sam's Club to its leak site but has not yet released proof. The breach may involve the exploitation of a zero-day vulnerability in Cleo file transfer software, which Sam's Club may have used. Prior incidents include credential stuffing in 2020, but the current situation remains under investigation with no explicit customer or employee data known to be compromised.
INCIDENT DETAILS -
TYPE
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Sam's Club ??
What was Sam's Club's A.I Rankiteo Cyber Score in June 2026 ??
What was Sam's Club's A.I Rankiteo Cyber Score in May 2026 ??
What was Sam's Club's A.I Rankiteo Cyber Score in April 2026 ??
What was Sam's Club's A.I Rankiteo Cyber Score in March 2026 ??
What was Sam's Club's A.I Rankiteo Cyber Score in February 2026 ??
What was Sam's Club's A.I Rankiteo Cyber Score in January 2026 ??
What was Sam's Club's A.I Rankiteo Cyber Score in December 2025 ??
What was Sam's Club's A.I Rankiteo Cyber Score in November 2025 ??
What was Sam's Club's A.I Rankiteo Cyber Score in October 2025 ??
What was Sam's Club's A.I Rankiteo Cyber Score in September 2025 ??
What was Sam's Club's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Sam's Club's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Sam's Club ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Sam's Club's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?